Jump to: navigation, search

Hiding Selected Data in Logs

This feature implements a Genesys standard detailed in the Genesys Security Deployment Guide. It enables you to hide selected key/value pairs in the Parameters and UserData attributes of log messages generated by UCS. You can choose to hide just the value itself by replacing it with a series of asterisks (*), or you can remove the whole key/value pair from the log output.

Passwords are automatically hidden in UCS logs.

Configuring [log-filter] and [log-filter-data] sections

This feature is implemented by defining the following configuration options in the UCS cluster Application object or the individual UCS Application object:

  • default-filter-type in the [log-filter] section defines the treatment for all KV pairs in the Parameters and User Data attributes.
    • This setting will be applied to the attributes of all KVList pairs in the attribute except those that are explicitly defined in the [log-filter-data] section.
  • One or more <key-name> options in the [log-filter-data] section define the treatment for specific keys in the log, overriding the default treatment specified by default-filter-type.
    • If no value is specified for this option, no additional processing of this data element is performed.
The default settings of the options enable all data to be visible in the log.

You can get additional implementation samples in the Genesys Security Deployment Guide. For detailed descriptions of the configuration options used to configure this feature, refer to the Framework Configuration Options Reference Manual.

Supported Filters

custom-filter options are not supported.
Filter Name Description
copy The keys and values of the KVList pairs are copied to the log.
hide The keys of the KVList pairs are copied to the log; the values are replaced with strings of asterisks.
skip The KVList pairs are not copied to the log.


Comment on this article:

blog comments powered by Disqus
This page was last modified on May 18, 2018, at 06:55.