Default Value: true
Valid Values: true, false
Changes Take Effect: Immediately on the T-Server side and after restart on the Connector side
When set to true, sensitive customer data is hidden in log files of T-Server and Connector in the following attributes: AttributeCollectedDigits, AttributeLastDigit, AttributeDTMFDigits, and AttributeTreatmentParms. In CTI link messages, sensitive data is hidden in Data and Treatment-Params headers.
Hiding Sensitive Data
T-Server and Connector for Skype for Business components can print customer sensitive information in log files in:
- CTI link messages (both components)
- T-Library messaging (T-Server component)
- Specific debug information added for troubleshooting
The sensitive content includes:
- User Data in T-Events
- Content of Collected Digits
- Instant messages
- Treatment prompts
The option that controls whether potentially sensitive data is printed in the T-Server log file is hide-sensitive-data, which is configured in the [TServer] section of the T-Server Application. The default value of this option is true, meaning that the following sensitive data will be hidden in the T-Server log file:
- AttributeCollectedDigits, AttributeLastDigit, AttributeDTMFDigits, AttributeTreatmentParms will be hidden in T-Library requests and events.
- The headers “Data” and “Treatment-Params” will be hidden in CTI link messages. Instead of printing the actual data transmitted between T-Server and Connector, the log file will contain a string: **** (length:nn), where nn is the length of the original data.
This feature can be disabled by setting the option value to false.
CTI Message Headers
The CTI messages used by T-Server and Connector contain various Microsoft Lync TServer Protocol (MLTP) message headers. The Connector can be configured with a list of MLTP message headers that might contain potentially sensitive data and should not be printed in the log file. Instead of printing the actual data transmitted between T-Server and Connector, the log file will contain a string: **** (length:nn), where nn is the length of the original data.
To hide message headers, in the Annex tab of the Switch configuration object, in the [log] section, set the hide-header option to a comma-separated list of MLTP message headers that must not be printed in the log file.
[mslync] handle MLTP message PARTY_CREATED * MLTP/1.0 media: voice from: sip:email@example.com to: sip:firstname.lastname@example.org party-state: ALERTING
If hide-header=media,from,to,party-state, the following would be printed instead in the log file:
[mslync] handle MLTP message PARTY_CREATED * MLTP/1.0 media: **** (length:5) from: **** (length:21) to: **** (length:21) party-state: **** (length:8)