Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional information needed for handling multiple instances of sensitive data to be masked #114644

Closed
adamhcj opened this issue Sep 13, 2023 · 4 comments
Closed

Additional information needed for handling multiple instances of sensitive data to be masked #114644

adamhcj opened this issue Sep 13, 2023 · 4 comments
Assignees
@AnuragSingh-MSFT
Labels
application-insights/subsvc Azure-Monitor/svc cxp doc-enhancement Pri2 triaged

Comments

@adamhcj
Copy link

adamhcj commented Sep 13, 2023

I noticed that the examples given when extracting attributes only handle for a single instance of the sensitive data of userId.

Under "Masking sensitive data in log message":
when extracting redactedUserId attribute from the logs by using regex (?\d+)

What about the case where I want multiple instances of userId to be masked? There may be more than 2 instances, is there any way to cater for variable number of userId instances? Does (?\d+)+ extract all instances of userId?

For example:
"User account with userId: 12345678 has transferred $5 to user account with userId: 23456789"
masked to:
"User account with userId {redactedUserId} has transferred $5 to user account with userId {redactedUserId}"

Document Details

Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
@Naveenommi-MSFT
Copy link
Contributor

@adamhcj
Thanks for your feedback! We will investigate and update as appropriate.

@adamhcj
Copy link
Author

adamhcj commented Sep 14, 2023

I have raised a question on stackoverflow too, with how I tried to go about implementing this handling of multiple instances of sensitive data to be masked:

https://stackoverflow.com/questions/77098276/masking-multiple-instances-of-sensitive-data-in-logs-of-azure-monitor-applicatio

I would love for a better approach / example to handle variable number of instances of sensitive data rather than hardcoding X number of rules in the json config.

@AnuragSingh-MSFT
Copy link
Contributor

@adamhcj, apologies for delayed response. The feature to capture multimatches in an attribute of type "string array" (to capture all of the values, instead of only the last value) was included in the latest release of SDK - Java 3.4.16.

PR: microsoft/ApplicationInsights-Java#3229

I also see that you updated StackOverflow question that you were able to get the expected result using + symbol.
Please let us know if you have any further questions.

@adamhcj
Copy link
Author

adamhcj commented Sep 15, 2023

@adamhcj, apologies for delayed response. The feature to capture multimatches in an attribute of type "string array" (to capture all of the values, instead of only the last value) was included in the latest release of SDK - Java 3.4.16.

PR: microsoft/ApplicationInsights-Java#3229

I also see that you updated StackOverflow question that you were able to get the expected result using + symbol. Please let us know if you have any further questions.

No worries! I've managed to solve it. Thank you :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AnuragSingh-MSFT AnuragSingh-MSFT

Labels
application-insights/subsvc Azure-Monitor/svc cxp doc-enhancement Pri2 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@adamhcj @AnuragSingh-MSFT @Naveenommi-MSFT