About this task
You can configure the log4j utility to prevent sensitive
information such as credit card number, passwords, and so forth from
being logged in the log messages. To mask the sensitive information,
you must use the application-provided custom log4j Layout and Filter
and also define a set of named regular expressions in the customer_override.properties
file.
The custom log4j layout will get the formatted message
and filter the results based on a set of configurable regular expressions.
This custom log4j filter will allow you to match the message against
a set of regular expressions and discard the message, if it matches.
To
mask sensitive information during logging:
- Change the layout class name in the custom logging configuration
to SCIFilteredPatternLayout. For example:
<layout
class="com.sterlingcommerce.woodstock.util.frame.logex.SCIFilteredPatternLay
out">
<param name="ConversionPattern" value="%d:%-7p:%t: %-60m
[%X{AppUserId}]: %-25c{1}%n"/>
<param name="FilterSet" value="common-filter"/> <!-- Optional -->
</layout>
- Change the filter class name in the custom logging configuration
to SCIPatternFilter. For example:
<filter
class="com.sterlingcommerce.woodstock.util.frame.logex.SCIPatternFilter">
<param name="FilterSet" value="suppress" /> <!-- Optional -->
</filter>
- Define a set of named regular expressions against which
you want to match the message in the <INSTALL_DIR>/properties/customer_
overrides.properties file using following properties:
filterset.<name>.pattern.<num>=<pattern>
This property is optional:
filterset.<name>.replace.<num>=<replace>
where <pattern> is
a Java-style regular expression and defines the regular expression
against which you want to match the message string. The replace property
is optional, and defines the string which will be used to replace
the expression.
You can set the default FilterSet parameters
by setting the following properties:
default.filter.filterset=<filter_name>
default.layout.filterset=<layout_name>
You
can also define a common set of regular expression patterns across
multiple filter sets as following:
filterset.name.includes=<name1>,<name2>,...
You can view the <INSTALL_DIR>/properties/logfilter.properties.in
file to see some sample entries for defining these properties.