I'm wondering if anyone has successfully masked ip addresses in nginx before they are written to a log file.
I understand there are reasons why you would and would not do this.
Anyway, my config so far, which I believe works for ipv4 addresses, but probably on only a few formats of ipv6 addresses. I've used secondary map directives to append text to the short ip address as I couldn't work out how to concatenate the variable with text, so concatenated two variables instead. (Hope that makes sense).
log_format ipmask '$remote_addr $ip_anon';
map $remote_addr $ip_anon {
  default $remote_addr;
  "~^(?P<ipv4>[0-9]{1,3}\.[0-9]{1,3}.)(?P<junkv4>.*)" $ipv4$ipv4suffix;
  "~^(?P<ipv6>[^:]+:[^:]+)(?P<junkv6>.*$)" '$ipv6 $junkv6';
map - $ipv4suffix{
 default 0.0;
map - $ipv6suffix{
  default XX;
server {
  listen 8080;
  listen [::]:8080;
  server_name _;
  access_log /tmp/ngn-ip.log ipmask;
  allow all;
Anyone got any thoughts on this?
nginx mailing list

Reply via email to