Is there a way to mask sensitive fields while logging messages in APIGEE?

Is there a way to mask sensitive fields while logging messages in APIGEE? I found document that talks about masking sensitive fields while tracing and debugging in APIGEE by using privat. prefix with variables containing sensitive data and by using mask configuration.

I want to mask the fields while logging my request/response. Is there an easy way to do this instead of writing custom code for masking those fields before logging the message.

Solved Solved
0 3 1,776
1 ACCEPTED SOLUTION

For the MessageLogging policy, you will need to design the policy to not log sensitive information.

I know of no other way other than writing code to mask the fields or data you want to mask.

For example if you're logging a payload, you'll need to build some logic to mask the fields in the payload.

There's a cloud-based DLP API from Google that can help with this.

View solution in original post

3 REPLIES 3

Can you clarify what you mean by Logging ? Are you using the MessageLogging policy? The StatisticsCollector policy for Analytics? Something else? Where is the data being logged?

Hi

@Dino, Apologies for not being clear here. I am trying to log messages using Message logging policy. I am trying to log the request/response messages which has sensitive fields using this policy.

For the MessageLogging policy, you will need to design the policy to not log sensitive information.

I know of no other way other than writing code to mask the fields or data you want to mask.

For example if you're logging a payload, you'll need to build some logic to mask the fields in the payload.

There's a cloud-based DLP API from Google that can help with this.