Elastic APM Java agent - sanitize_fields_names on application/json* data

YuZhenXie · December 10, 2019, 2:04am

Is it possible to support sanitize_fields_names configuration for application/json* data?Sometimes, requests body contains sensitive data sent to APM when capture_body is enabled.

We hope those fields can be sanitized. We have one way to sanitize them, which is to sanitize/filter out them by ourselves and add them into custom context manually, but we wonder is it possible that Elastic support this function or any suggestion?

Thank you!

Sylvain_Juge · December 10, 2019, 8:56am

Hi @YuZhenXie,

Filtering JSON data at agent level is not supported right now.

However, you can filter data by changing the ingest pipeline used by APM server, which has quite a few advantages:

support for more than just "field name matching", you have access to all ingest pipeline features
no performance overhead on the application

https://www.elastic.co/guide/en/apm/server/current/elasticsearch-output.html#pipeline-option-es
https://www.elastic.co/guide/en/elasticsearch/reference/current/remove-processor.html

YuZhenXie · December 11, 2019, 4:36pm

Hi @Sylvain_Juge,

Thanks for your suggestion! I will try it then!

Topic		Replies	Views
Elastic APM sanitization on message body APM	8	2170	August 5, 2020
Sanitize_field_names confusion, and minimizing payload size APM java	5	1599	March 26, 2020
[REDACTED] Is the marked field blocked by apm APM server	8	1922	February 23, 2021
Need help to understand SanitizeFieldNames APM dotnet	3	643	April 13, 2020
Custom Field in apm client side configuration APM docker , java , server	8	1750	June 28, 2022

Elastic APM Java agent - sanitize_fields_names on application/json* data

Related topics