Masking Data in Log Files
I was wondering if the following entries to prconfig.xml (or DSS) are still valid for 7.2.2 to mask data in alert logs and if there are matching items for the PegaRuLES log:
https://pdn.pega.com/support-articles/how-remove-sensitive-data-alert-logs
- Add the following setting to prconfig.xml to suppress the sensitive property values:
- <env name="alerts/database/operationTimeThreshold/suppressInserts" value="true" />
- This setting will suppress the sensitive property values (and replace them with question marks).
- To suppress information in parameters, add the following setting to prconfig.xml:
- <env name="alerts/general/includeparameterpage" value="false" />
- This setting determines if the parameter page of the top-most stackframe will be included in the ALERT log when the alert is generate
What other solutions have been implemented for PegaRULES log files?
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Thank you Vikesh - that is very helpful!
Hi Vikash,
It will great if you could clarify the below
- Is it a mandate to have the mentioned settings in prconfig.xml or can we also have as DSS settings
- In case of an alert as mentioned below what should be the value of obfuscatekeyword?
2018-02-07 03:16:47,806 GMT*8*PEGA0001*3897*1000*1498bc0a6d0f1ecde5ab472d96dbc38b*NA*NA*H9B891CB0B920FB6AA2399A3AA8BE821E*0*13*****pxCommitRowCount=2;pzPrimaryPageName=RH_1;$PRH_1$ppyBatchLoginPassword=rules
3. Should it be like <env name="alerts/parameterpage/obfuscateKeywords" value="$PRH_1$ppyBatchLoginPassword" />
Regards,
Karthik
1. You can use an equivalent DSS setting.
2. Yes the value that you have mentioned in 3 should work.
Hi Vikash,
Thanks for your response.
We are getting the below in our alert logs (Pega 7.2.2)
2018-03-14 09:54:46,289 GMT*8*PEGA0001*24360*1000*1f2d56cae162d54a35f31032f6b7c3b1*NA*NA*H6EDACFDD512F3C4F99D33CA0DACE5471*karthik*Cp-FW-GMFW-Work*GMFW:01.01.01*7084775ea7e82ab5ea4ef001f0c89d14*Y*87*H6EDACFDD512F3C4F99D33CA0DACE5471*83*http-nio-8080-exec-93*TABTHREAD4*com.pega.pegarules.session.internal.engineinterface.service.HttpAPI*core-platform-test.cmp.dev.cba|127.0.0.1*Activity=FinishAssignment*Rule-Obj-Activity:FinishAssignment*WORK- FINISHASSIGNMENT #20140929T092455.027 GMT Step: 38 Circum:******************************************************$ppyMergeBranchList$l1$ppyMergeRuleSetList$l1$ppySourceRuleSetVersionPassword=GCMfw
Added the suggested DSS settings which reflects in the prconfig.xml (after the restart) as below
<env name="alerts/database/operationtimethreshold/suppressinserts" value="true" />
<env name="alerts/general/includeparameterpage" value="false" />
<env name="alerts/parameterpage/remotefiltertype" value="obfuscate" />
<env name="alerts/parameterpage/obsfucatekeywords" value="$PpyWorkPage$ppyMergeBranchList$l1$ppyMergeRuleSetList$l1$ppyRuleSetVersionPassword" />
But still the password is captured as part of the alert logs. Any other suggestions to resolve the issue would be highly appreciated .
Hi,
These are valid for 7.2.2 version, please restart the server once you had included in prconfig.xml file.
I have updated the prconfig/alerts/parameterpage/remoteFilterType/default value to obfuscate in DSS settings and restarted the server. But still i'm seeing the parameter values for PEGA0001 in alert logs. We are using PEGA 7.1.7, any thoughts?
Hi Nagarjun,
Can you try with the below value:
value = "ppySourceRuleSetVersionPassword"
Regards,
Vikash
Hi,
We are using 7.3.0.
I have update these DDS:
prconfig/alerts/parameterpage/obfuscatekeywords/default = pNumber;pFirstName;pLastName
prconfig/alerts/parameterpage/remotefiltertype/default = obfuscate
after restart the server, the values in PegaRULES-ALERT.log was not masked.
Hi ,
Yes, these settings are valid for 7.2.2. You check the below link to verify the same:
https://pdn.pega.com/sites/pdn.pega.com/files/help_v722/procomhelpmain.htm#engine/alerts/alerts-suppressing-data-tsk.htm
You can also use below settings in prconfig.xml:
The following prconfig entry will do obfuscation of parameter values <env name="alerts/parameterpage/remoteFilterType" value="obfuscate" />.
You will can specify the parameters to obfuscate in the alert logs using <env name="alerts/parameterpage/obfuscateKeywords" value="" />. The value should contain the parameter names separated by semi-colon.
Regards,
Vikash