Need help to understand SanitizeFieldNames

APM Server version: 7.4.2

APM Agent language and version: dotnet 1.4.0

Hi,
I need help to understand the use of SanitizeFieldNames in APM.

If I want to make SanitizeFieldNames work for a request header called "dontshowthisinapm", is the only thing I need to do to add this field's name to the settings for ElasticApm:SanitizeFieldNames (along with all the defaults "password", "passwd", "pwd", "secret", "*key", "*token*", "*session*", "*credit*", "*card*", "authorization", "set-cookie")?

Or do I have to do something more to make it work? I added this in the settings:

    "ElasticApm": {
        "SecretToken": "verysecrettoken",
        "ServerUrls": "myfineserverurl",
        "ServiceName": "myfantasticservice",
        "TransactionSampleRate": 1.0,
        "SanitizeFieldNames": [
            "dontshowthisinapm",
            "password",
            "passwd",
            "pwd",
            "secret",
            "*key",
            "*token*",
            "*session*",
            "*credit*",
            "*card*",
            "authorization",
            "set-cookie"
        ]
    }

The default fields are [REDACTED] in APM, but my new field dontshowthisinapm is not. It's still showing its secret content.

Can someone help me to clarify what I missed in the setup please? :slight_smile:

Hi @Goulding, welcome here on discuss :clap:

It should be a single comma-separated string, like this (leaving out some of them in my sample):

    "ElasticApm": {
        "SecretToken": "verysecrettoken",
        "ServerUrls": "myfineserverurl",
        "ServiceName": "myfantasticservice",
        "TransactionSampleRate": 1.0,
        "SanitizeFieldNames": "dontshowthisinapm, password, passwd, *key, *token*, set-cookie"
    }

Thanks a lot! Now it works! :slight_smile:
I have this in my configuration now:
"SanitizeFieldNames": "dontshowthisinapm, password, passwd, pwd, secret, *key, *token*, *session*, *credit*, *card*, authorization, set-cookie"

But... I discovered that it only works if I place the field dontshowthisinapm first in the string for SanitizeFieldNames. If I also put a field called password with a value in the header of the request, it's visible in APM with the content not redacted. It seems that the defaults aren't filtered out?

If I add another value dontshowthisinapm2 as a second parameter in SanitizeFieldNames it ignores that as well. It seems to me that it only handles the first parameter in SanitizeFieldNames? Or am I still doing something wrong with this configuration? :slight_smile:
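
An added example, not part of the thread and not the agent's code: a Python model of comma-separated wildcard matching (assuming `*` matches zero or more characters and matching is case-insensitive) for checking offline which header names a SanitizeFieldNames string would cover. The `trim=False` mode is a hypothetical parser that keeps the space after each comma; it reproduces the "only the first entry works" symptom, which is one possible cause assumed here, not a confirmed diagnosis. Header names and values are constructed.

```python
import re

REDACTED = "[REDACTED]"

def parse_patterns(setting, trim=True):
    """Split a comma-separated setting string into wildcard patterns."""
    parts = setting.split(",")
    if trim:
        parts = [p.strip() for p in parts]
    return [p for p in parts if p]

def to_regex(pattern):
    """'*' matches zero or more characters; all else is literal (assumed semantics)."""
    body = ".*".join(re.escape(piece) for piece in pattern.split("*"))
    return re.compile(body, re.IGNORECASE)

def sanitize(headers, setting, trim=True):
    """Return a copy of headers with values of matching names replaced."""
    regexes = [to_regex(p) for p in parse_patterns(setting, trim)]
    return {name: REDACTED if any(r.fullmatch(name) for r in regexes) else value
            for name, value in headers.items()}

def unredacted(headers, setting, trim=True):
    """Names whose values would still be visible after sanitizing."""
    clean = sanitize(headers, setting, trim)
    return sorted(n for n, v in clean.items() if v != REDACTED)

# Setting string as posted in the thread.
SETTING = ("dontshowthisinapm, password, passwd, pwd, secret, *key, *token*, "
           "*session*, *credit*, *card*, authorization, set-cookie")

# Constructed sample request headers.
HEADERS = {
    "dontshowthisinapm": "s3cret-a",
    "password": "hunter2",
    "X-Api-Key": "abc123",
    "Authorization": "Bearer xyz",
    "User-Agent": "curl/8.0",
}

if __name__ == "__main__":
    print("trimmed entries:  ", unredacted(HEADERS, SETTING))
    print("untrimmed entries:", unredacted(HEADERS, SETTING, trim=False))
```

If the untrimmed behaviour matches what the agent shows, writing the list without spaces after the commas is a quick way to test that hypothesis.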
