Data Masking functionality that is offered by Apigee only regards tracing/debugging sessions, but NOT logging?

sgopalam
Participant I

I am trying to mask sensitive data from the API logs (not trace). As I understood it, the Data Masking functionality that is offered by Apigee only regards tracing/debugging sessions, but NOT logging (http://apigee.com/docs/api-services/content/data-masking).

What's the best practice around masking sensitive data in logs? Can you share some reference code?


Just curious, why do you need to log sensitive data? If the goal is to mask it,

@Mukundha Madhavan Fair point, however we have customers who want to log the complete request and response for certain use cases and will want the flexibility to mask sensitive information like credit card numbers, SSNs, etc. in it.

adas
Participant V

@sgopalam@apigee.com The debug masking feature only masks the data seen in trace; it doesn't address masking data in the logs. For logs we did implement a feature a while back, whereby you could mask sensitive data like the Authorization header, etc. by defining a regex pattern in the logback.xml property file of the corresponding component:

<?xml version="1.0" encoding="UTF-8"?>
<encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
   <layout class="com.apigee.logging.MaskPatternLayout">
      <patternsProperty>${sensitiveDataPattern}</patternsProperty>
      <pattern>${defaultPattern}</pattern>
   </layout>
</encoder>

You can find more details about the feature in JIRA: MGMT-1364

Please note that this can have performance implications when DEBUG logging is enabled. In general the message-processors do not log the request/response or any of the processing while in INFO mode, so you shouldn't really see any sensitive data being logged unless you turn ON DEBUG mode.

Thanks @arghya das

I will try this and let you know. A few of our customers want to log every request and response of their API. In such use cases this will impact performance. If we have to choose between a JavaScript policy to mask data that is logged using the Message Logging policy vs. the generic logback XML way, which will be the preferred option?

Also, I am assuming the logback.xml regex is executed asynchronously and should not impact API latency. Can you confirm?
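
Added example, not part of the thread and not Apigee's own code: one way to implement the JavaScript-policy option raised above, masking Authorization values, SSNs and card numbers in a payload before a Message Logging policy reads it. The patterns, the function names and the flow variable `log.maskedRequest` are assumptions; the sample inputs in the comments are constructed.

```javascript
// Luhn checksum: lets us mask real card numbers without also masking
// arbitrary 13-19 digit runs such as order ids or timestamps.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Returns a copy of `text` that is safe to hand to a logger.
function maskSensitive(text) {
  return String(text)
    // Authorization header line or JSON field: keep the scheme, drop the credential.
    .replace(/("?authorization"?\s*[:=]\s*"?)(basic|bearer)?(\s*)[^\s",}]+/gi,
      (m, prefix, scheme, sp) => prefix + (scheme ? scheme + sp : '') + '****')
    // US SSN written as 123-45-6789: keep only the last four digits.
    .replace(/\b\d{3}-\d{2}-(\d{4})\b/g, '***-**-$1')
    // 13-19 digits, optionally separated by spaces or hyphens, that pass Luhn.
    .replace(/\b(?:\d[ -]?){12,18}\d\b/g, (m) => {
      const digits = m.replace(/\D/g, '');
      if (!luhnValid(digits)) return m;           // not a card number, leave as is
      return '*'.repeat(digits.length - 4) + digits.slice(-4);
    });
}

// Inside an Apigee JavaScript policy a `context` object is available; elsewhere
// (for example Node) this branch is skipped. `log.maskedRequest` is a
// hypothetical variable name that the Message Logging policy would reference
// in place of the raw request content.
if (typeof context !== 'undefined') {
  context.setVariable('log.maskedRequest',
    maskSensitive(context.getVariable('request.content') || ''));
}
```

Because the masking runs in the proxy flow, its cost is paid on every request that reaches the policy, so the patterns should be kept few and anchored as above.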