[jira] [Commented] (KAFKA-7510) KStreams RecordCollectorImpl leaks data to logs on error

Fri, 04 Jan 2019 04:03:40 -0800 


    [ 
https://issues.apache.org/jira/browse/KAFKA-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16734079#comment-16734079
 ] 

ASF GitHub Bot commented on KAFKA-7510:
---------------------------------------

mjsax commented on pull request #5834: refs KAFKA-7510, preventing data being 
leaked to logs by default
URL: https://github.com/apache/kafka/pull/5834
 
 
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> KStreams RecordCollectorImpl leaks data to logs on error
> --------------------------------------------------------
>
>                 Key: KAFKA-7510
>                 URL: https://issues.apache.org/jira/browse/KAFKA-7510
>             Project: Kafka
>          Issue Type: Improvement
>          Components: streams
>            Reporter: Mr Kafka
>            Assignee: Mr Kafka
>            Priority: Major
>              Labels: user-experience
>
> org.apache.kafka.streams.processor.internals.RecordCollectorImpl leaks data 
> on error as it dumps the *value* / message payload to the logs.
> This is problematic as it may contain personally identifiable information 
> (pii) or other secret information to plain text log files which can then be 
> propagated to other log systems i.e Splunk.
> I suggest the *key*, and *value* fields be moved to debug level as it is 
> useful for some people while error level contains the *errorMessage, 
> timestamp, topic* and *stackTrace*.
> {code:java}
> private <K, V> void recordSendError(
>     final K key,
>     final V value,
>     final Long timestamp,
>     final String topic,
>     final Exception exception
> ) {
>     String errorLogMessage = LOG_MESSAGE;
>     String errorMessage = EXCEPTION_MESSAGE;
>     if (exception instanceof RetriableException) {
>         errorLogMessage += PARAMETER_HINT;
>         errorMessage += PARAMETER_HINT;
>     }
>     log.error(errorLogMessage, key, value, timestamp, topic, 
> exception.toString());
>     sendException = new StreamsException(
>         String.format(
>             errorMessage,
>             logPrefix,
>             "an error caught",
>             key,
>             value,
>             timestamp,
>             topic,
>             exception.toString()
>         ),
>         exception);
> }{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to