ProtectedLogListener

/2019-09-18/

Q: How can I remove sensitive information on the logs, and what is the proper way to handle logging process in jPOS?

A:

You can add the ProtectedLogListener to your logger configuration. If you’re using the default Q2 logger, configured in deploy/00_logger.xml, you could add something like this:

<logger name="Q2" class="org.jpos.q2.qbean.LoggerAdaptor">
  <log-listener class="org.jpos.util.ProtectedLogListener">
    <property name="protect" value="2 14 34 35 45 111.2 111.14 111.35 111.45" />
    <property name="wipe"    value="52 55" />
  </log-listener>
  <log-listener class="org.jpos.util.SimpleLogListener" />
  <log-listener class="org.jpos.util.DailyLogListener">
    <property name="prefix" value="log/q2" />
    <property name="date-format" value="-yyyy-MM-dd-HH"/>
  </log-listener>
</logger>

By adding the ProtectedLogListener before other log listeners, the fields configured in the protect will be properly masked, and those configured as wipe will get wiped.

The message would look something like this:

    <isomsg direction="incoming">
      <field id="0" value="0200"/>
      <field id="2" value="411111______1111"/>
      <field id="3" value="003000"/>
      <field id="4" value="000000000100"/>
      <field id="7" value="0903190443"/>
      <field id="11" value="253632"/>
      <field id="12" value="044359"/>
      <field id="13" value="0903"/>
      <field id="14" value="____"/>
      <field id="18" value="5533"/>
      <field id="19" value="036"/>
      <field id="22" value="012"/>
      <field id="25" value="00"/>
      <field id="41" value="00000001"/>
      <field id="42" value="000000000000001"/>
    </isomsg>