https://github.com/localvore-today/secure_log_formatter

Secure log formatting for Elixir
https://github.com/localvore-today/secure_log_formatter

elixir formatting logging secure-logging

Last synced: 4 months ago
JSON representation

Secure log formatting for Elixir

• Host: GitHub
• URL: https://github.com/localvore-today/secure_log_formatter
• Owner: localvore-today
• License: mit
• Created: 2017-05-02T02:13:31.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2017-07-18T06:42:12.000Z (almost 9 years ago)
• Last Synced: 2025-10-21T18:46:36.109Z (8 months ago)
• Topics: elixir, formatting, logging, secure-logging
• Language: Elixir
• Homepage:
• Size: 10.7 KB
• Stars: 10
• Watchers: 3
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# SecureLogFormatter [![Build Status](https://travis-ci.org/localvore-today/secure_log_formatter.svg?branch=master)](https://travis-ci.org/localvore-today/secure_log_formatter)

A secure formatter for Elixir Logger and replacement for `Kernel.inspect/1`.  Using blacklisted keys and patterns `SecureLogFormatter` will identify and redact sensitive information from logs with ease.

## Installation

```elixir

def deps do

  [{:secure_log_formatter, "~> 1.0"}]

end

```

Like living on the edge?  Want the latest and greatest?

```elixir

def deps do

  [{:secure_log_formatter,

  	github: "localvore-today/secure_log_formatter"}]

end

```

## Usage

```elixir

config :logger,

  secure_log_formatter:

    [

      # Map and Keyword List keys who's value should be hidden

      fields: ["password", "credit_card", ~r/.*_token/],

      # Patterns which if found, should be hidden

      patterns: [~r/4[0-9]{15}/], # Simple credit card example

      # defaults to "[REDACTED]"

      replacement: "[PRIVATE]"

    ]

```

#### Log formatting

Using `SecureLogFormatter` is easy, we only need to pass a tuple to the `:format` option for our logging backend(s):

```elixir

config :logger,

  console: [format: {SecureLogFormatter, :format}]

```

If we give it awhirl:

```elixir

iex> Logger.info("Customer Credit Card: 4111111111111111")

15:39:40.169 [info]  Customer Credit Card: [PRIVATE]

```

#### Replacing `inspect/1`

To leverage `SecureLogFormatter.inspect/1` in place of `Kernel.inspect/1` we can add two lines to the top of our files:

```elixir

import Kernel, except: [inspect: 1]

import SecureLogFormatter, only: [inspect: 1]

```

With this change calls to `inspect/1` will be handled by `SecureLogFormatter`:

```elixir

iex> inspect(%{access_token: "secret_token", password: "abc123", username: "doomspork"})

"%{access_token: \"[PRIVATE]\", password: \"[PRIVATE]\", username: \"doomspork\"}"

```

## License

SecureLogFormatter source code is released under MIT.

See [LICENSE](LICENSE) for more information.