[SERVER-12671] Provide option to allow "masking" of query variables within audit stream. Created: 10/Feb/14 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Rob Young (Inactive) | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 1 |
| Labels: | Auditing | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Server Security
|
||||||||
| Participants: | |||||||||
| Description |
|
This enhancement allows users to optionally "mask" variables within the audit log. Use case would include logging of CRUD commands generated by applications that manage sensitive data (SSN, credit card data, medical records, etc.). This could be implemented globally or via collection, document, field level tagging. Most competing rdbms' provide this level of data obsfuscation for sensitive data. |