-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Align sanitize_field_names option + central config #319
Comments
Ruby's |
Similarly the Node.js agent uses this https://github.com/watson/redact-secrets here https://github.com/elastic/apm-agent-nodejs/blob/68b50f6d1f66684bb77621d2b27d044b9994b36f/lib/filters/http-headers.js. |
Would it be feasible for the Python, Ruby, and Node.js agents to align with the rest? *hides* |
Fine with me 👍. Seems like something we could soft-deprecate and keep the fallback until next major. |
No advantage in being the earliest agents anymore, I see that 😉 |
Yes, python can align without even needing to follow a deprecation path, since the other agents have a superset of exclusions compared to us. |
Superseded by #334 |
Reopening to track the meta status of this |
Closing: Implemented in all Agents. |
We want to add
sanitize_field_names
to central config: #318This is a setting that affects the security of the application so we want it to be aligned across agents and available in central config. This ensures that if information is leaking, it's quick and easy to update the sanitization logic across all agents.
This is the current state for our agents
processors
)password, passwd, pwd, secret, *key, *token*, *session*, *credit*, *card*, authorization, set-cookie
(from 4.0 released before or around 7.11)password, passwd, pwd, secret, *key, *token*, *session*, *credit*, *card*, authorization, set-cookie
password, passwd, pwd, secret, *key, *token*, *session*, *credit*, *card*, authorization, set-cookie
password, passwd, pwd, secret, *key, *token*, *session*, *credit*, *card*, authorization, set-cookie
Status
The text was updated successfully, but these errors were encountered: