[SERVER-12671] Provide option to allow "masking" of query variables within audit stream. Created: 10/Feb/14  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Logging, Security
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: Rob Young (Inactive) Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 1
Labels: Auditing
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
is duplicated by SERVER-17959 option to redact sensitive data from ... Closed
Assigned Teams:
Server Security
Participants:

 Description   

This enhancement allows users to optionally "mask" variables within the audit log. Use case would include logging of CRUD commands generated by applications that manage sensitive data (SSN, credit card data, medical records, etc.). This could be implemented globally or via collection, document, field level tagging. Most competing rdbms' provide this level of data obsfuscation for sensitive data.


Generated at Thu Feb 08 03:29:13 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.