wfgilman
Filter sensitive logging data
I am getting closer to putting my Elixir backend API in production and have a question about logging. Currently when a 500 error occurs in an API call, the entire Plug is posted to my logging service. This includes the JWT used in the request and secret key base used to decrypt the JWT.
Is there any way to filter this sensitive data from being written to the logs? Phoenix does this automatically for things like user passwords, and I thought Ecto did something similar. Unfortunately I can’t seem to find documentation on it.
Most Liked
outlog
config :phoenix, :filter_parameters, ["password", "secret"]
https://hexdocs.pm/phoenix/Phoenix.Logger.html
or check your logging service for equivalent…
wfgilman
Gotcha, but that’s just for incoming parameters correct? There’s no way to filter sensitive information logged during an error?








