Obscuring configuration entries


(Kornicameister) #1

In Logstash base plugin there are several places where plugin writes down its current state upon certain events.

That's indeed very useful but problematic if such configuration contains vulnerable data.
My questions is if that would be possible to obscure certain configuration entries in order for them not to be included in log files ?

For now the only reasonable solution would be to override all such methods and use own output message instead of self which evaluates to something similar to object tree. Perhaps there's another approach ?


(Aaron Mildenstein) #2

Please raise an issue for this at https://github.com/elastic/logstash/issues


(system) #3