Thanks! I ended up creating a lua decoder:
------------------------------------------------
require "string"
function process_message ()
local message = read_message("Payload")
local matches = 0
message, matches = string.gsub(message, 'password=[%a%d]+',
"password=[filtered]")
message, matches = string.gsub(message, 'custid=[%a%d%%]+',
"custid=[filtered]")
write_message("Payload", message)
return 0
end
function timer_event(ns)
end
--------------------------------------------------
Any thoughts on how crappy this decoder is?
--Michael
On Tue, Jan 20, 2015 at 9:48 AM, Michael Trinkala <[email protected]>
wrote:
> You can strip it in a SandboxDecoder (on the way into Heka) or in a
> SandboxEncoder (on the way out) depending on your requirements. You would
> just do a search and replace on the request_uri (if you are using the
> common log format grammars).
>
> On another note, having sensitive information in the URI is a bad idea,
> there are several way it can be leaked.
>
> Trink
>
>
>
> On Mon, Jan 19, 2015 at 1:50 PM, Michael Giannini <
> [email protected]> wrote:
>
>> Hi All,
>>
>> I looking for a way to remove sensitive information (passwords, users,
>> etc) from messages sent to heka. I'd like to centralize the filtering
>> thorough heka using the server or damon worker. Is this possible?
>>
>> for example: www.sensetive.site?password=23423346&user=kioberh. How do I
>> replace the password/user with [filtered]?
>>
>> Thanks,
>> Michael
>>
>> _______________________________________________
>> Heka mailing list
>> [email protected]
>> https://mail.mozilla.org/listinfo/heka
>>
>>
>
_______________________________________________
Heka mailing list
[email protected]
https://mail.mozilla.org/listinfo/heka
