Anonymize part of string

sholzhauer · October 26, 2023, 10:29am

On a non-elastic related note, using the URL to store secrets is bad idea, if at all possible I would advise you to have the application changed instead of only obfuscating the logs within elastic.

Couple of sources to help understand why this is a bad idea:

Information exposure through query strings in url | OWASP Foundation
OWASP Top Ten 2017 | A3:2017-Sensitive Data Exposure | OWASP Foundation
web application - Should sensitive data ever be passed in the query string? - Information Security Stack Exchange

Topic		Replies	Views
Logstash - obscure sensitive fields before putting them to the ES Logstash	9	2048	July 6, 2017
Anonymization of sensitive data by Logstash Logstash	9	2052	September 22, 2020
Logstash Anonymize plugin Logstash	3	899	July 6, 2017
Logstash and Anonymize Elasticsearch	2	529	July 6, 2017
Sensitive information parsing Logstash	4	549	March 21, 2018

Anonymize part of string

Related topics