Hey,
i have a running elk enviroment(logstash elasticsearch and kibana). Its working fine so far. The problem is that i have to exchange some data(ip adress, hostname, mac adress, etc.) with pseudonyms befor the logs are displayed in kibana, its a privacy thing.
Are there any approved solutions for automatic pseudonymizing data and a option to reidentifing the data in this case?
thanks and greetings
RickX
If you have access to queries you can write a script that replace fields, overwriting same named fields and replacing few middle caracters with '*'.
Hope it may help.
You're best off doing that with Logstash during processing, there are a number of filters that can handle this.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.