Document logging filter #6231

skearns64 · 2016-02-12T18:12:04Z

#5036 added the ability to filter auth headers from the logs, but I don't believe it allows the admin to customize what gets filtered.

This issue tracks allowing the admin to configure which headers are filtered out from the logs (e.g. as a setting in the kibana.yml).

If this is already possible, then :) and this issue can track adding the mechanism to the docs.

spalger · 2016-02-12T23:50:30Z

This is actually possible. The logging.filter setting can be set to keys that should be removed from anything that gets logged. The filtering of the authorization header is accomplished by the default setting:

--logging.filter.authorization=remove

This causes the "authorization" key to be removed from any object logged by kibana. No matter where it appears, the logger will recurse through nested objects and remove any authorization key.

palecur · 2016-03-07T22:58:00Z

PR #6451 is up to address this for 4.5 and 4.3. PR #6452 backports the relevant bit to 4.4.

skearns64 mentioned this issue Feb 12, 2016

Pass incoming request headers to Elasticsearch #6221

Closed

rashidkpc added release_note:enhancement P2 labels Feb 12, 2016

spalger added Team:Docs and removed release_note:enhancement labels Feb 12, 2016

spalger changed the title ~~Allow filtering specific request headers from the log~~ Document logging filter Feb 12, 2016

palecur added review PR sent labels Mar 7, 2016

tbragin closed this as completed Mar 22, 2016

tbragin added the v4.4.0 label Mar 22, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Document logging filter #6231

Document logging filter #6231

skearns64 commented Feb 12, 2016

spalger commented Feb 12, 2016

palecur commented Mar 7, 2016

Document logging filter #6231

Document logging filter #6231

Comments

skearns64 commented Feb 12, 2016

spalger commented Feb 12, 2016

palecur commented Mar 7, 2016