Apigee Logging - What is Logged?

nathanaw
Participant V

Assuming I have no Message Logging policy defined anywhere in my proxies, need a confirmation from Apigee that no sensitive information is and will be logged -- customer name, PII, in request/response payload will be logged at the routers, message processors or anywhere in the Apigee Platform.

0 1 147
1 REPLY 1

sidd-harth
Participant V

I guess as an Apigee developer or Admin, you need to make sure that sensitive information is protected. You should be looking at Data masking feature provided by Apigee. Also check other security/privacy options available,

HIPPA - https://docs.apigee.com/api-platform/faq/hipaa-configuration-guide-edge-public-cloud

PCI - https://docs.apigee.com/api-platform/faq/pci-configuration-guide-edge-public-cloud

OWASP - https://docs.apigee.com/api-platform/faq/owasp-protection

Privacy - https://docs.apigee.com/api-platform/faq/privacy-security-settings