Skip to content
/ log4j2-masking-policy Public

A log4j2 rewrite policy to mask sensitive data in Json and XML

6 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mariocairone/log4j2-masking-policy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
log4j2-masking-policy-api
log4j2-masking-policy-api
 
 
log4j2-masking-policy-core
log4j2-masking-policy-core
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Log4j2 Masking Policy

A Log4j2 Rewrite policy to mask sensitive data in XML and JSON.

Installation

Add the following dependency to the project:

<dependency>
    <groupId>com.mariocairone</groupId>
    <artifactId>log4j2-masking-policy</artifactId>
    <version>1.0.2</version>
</dependency>

Configuration

MaskPolicies

Wrapper for one or more MaskPolicy elements.

Converters

Wrapper for one or more Converter elements.

Converter

Convert are used to transform the log4j2 Message into string before masking and convert the masked string back to log4j2 Message. The Converter class must implement the MessageConverter interface.

attribute values description required
className Fully qualified class name Specify formatter class true
Example
    ...
    <MaskPolicies>
        <Converters>
            <Converter className="com.mycompany.MyMessageConverter" />
        </Converters>
        <MaskPolicy type="JSON" enabled="true"> 
            <Exclusions>
                <Exclusion value="$.store.book[*].author" />
            </Exclusions>
        </MaskPolicy>				
    </MaskPolicies>
    ...

MaskPolicy

attribute values description required
type XML/JSON Specify the type of Masker true
enabled true/false Enable or disable the masking false

Exclusions

Wrapper for one or more Exlusion elements.

Exclusion

Specify the element that shouldn't be masked. The value attribute can be a simple string or a path. If a single string is specified, all the nodes/elements/attributes having that string as key/name will not be masked.

JSON
attribute MaskPolicyType values required
value JSON String/JsonPath true
Example
    ...
    <MaskPolicies>
        <MaskPolicy type="JSON" enabled="true"> 
            <Exclusions>
                <Exclusion value="$.name" />
            </Exclusions>
        </MaskPolicy>				
    </MaskPolicies>
    ...
XML
attribute values description
value XPath Specify the elements that shouldn't be masked
Example
    ...
    <MaskPolicies>
        <MaskPolicy type="XML" > 
            <Exclusions>
                <Exclusion value="/customer/order[1]" />
            </Exclusions>
        </MaskPolicy>				
    </MaskPolicies>
    ...

Log4j2 Complete Configuration Example

Below is an example of log4j2 configuration file.

<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="debug" packages="com.mariocairone.log4j2">

    <Appenders>
        
        <Console name="Console" target="SYSTEM_OUT">
            <PatternLayout   pattern="[%-5level] %d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %c{1} - %msg%n" />
        </Console>

        <Rewrite name="REWRITE">
            <AppenderRef ref="Console" />
            <MaskPolicies>
                <MaskPolicy type="JSON" enabled="true"> 
                    <Exclusions>
                        <Exclusion value="$.name" />
                    </Exclusions>
                </MaskPolicy>				
            </MaskPolicies>
        </Rewrite>   

    </Appenders>

    <Loggers>
        <Root level="debug" additivity="false">
            <appender-ref ref="Console" />
        </Root>
    </Loggers>

</Configuration>

Note: the package com.mariocairone.log4j2 must be added in the log4j2 configuration file.

About

A log4j2 rewrite policy to mask sensitive data in Json and XML

Topics

log4j2 sensitive-data masking rewrite-policy

Resources

Readme
Activity

Stars

6 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages