kenliao94 commented on PR #1251: URL: https://github.com/apache/activemq/pull/1251#issuecomment-2224762134
> > we will ship a default configuration for audit log .. > > If by 'we' you mean your organization, good to go =) > > If by 'we' you mean Apache, then I don't see us changing the default Apache distribution config for this. I can see your concern. By "we" I meant developers in this community :) When developers deploy ActiveMQ for their customers, their customers may want sensitive data to be redacted. For instance, in `AuditLogEntry.java` fields that are annotated by `@Sensitive` (such as password) are redacted in the audit.log. So in my opinion, it is probably better to have it default redacted (possibly other fields in the HTTP parameters as well) to avoid potential compliance issues. I will focus on documenting the instructions to configure the log filter nevertheless. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information, visit: https://activemq.apache.org/contact
