Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17959

option to redact sensitive data from system logs

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.3.10
    • Component/s: Logging, Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Sprint:
      Security 7 08/10/15

      Description

      Log redaction is a desired feature for PII data and as a complement to encryption at rest.

      In its simplest form it could be implemented as a configuration option redactLogs orthogonal to the log level.

      • Preserve enough info in the redaction function so that CEs et al. can do useful analytics on the output. This includes for query shapes for instance. This could be achieved through hashing actual data in the queries.

      Things that could/should be redacted:
      1. query parameters (things other than field names and dollarsign operators).
      2. hostnames/IP addresses
      3. User names maybe?
      4. Namespace names maybe?
      5. Error messages in case error messages include any of the above.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-server-platform DO NOT USE - Backlog - Platform Team
              Reporter:
              andreas.nilsson Andreas Nilsson
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              13 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: