Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature]: 关于OBDIAG对收集的日志进行脱敏的建议 #374

Open
way2questions opened this issue Aug 1, 2024 · 2 comments
Open

[Feature]: 关于OBDIAG对收集的日志进行脱敏的建议 #374

way2questions opened this issue Aug 1, 2024 · 2 comments
Assignees
@wayyoungboy
Milestone
v2.5.0

Comments

@way2questions
Copy link

way2questions commented Aug 1, 2024
edited
Loading

Describe your use case

目前OB和OBPROXY的日志内不可避免的会记录一下SQL信息,这些SQL信息可能会包含敏感数据,需要脱敏

Describe the solution you'd like

1,在obdiag收集OB日志后或收集过程中,将目前OB日志内与业务相关的SQL语句(select、delete、update、insert)中的敏感信息(包括但不限于姓名、性别、手机号、银行卡号、联系方式)进行部分或全部脱敏

2,在obdiag收集OB日志后或收集过程中,将目前OBPROXY日志内与业务相关的SQL语句(select、delete、update、insert)中的敏感信息(包括但不限于姓名、性别、手机号、银行卡号、联系方式)进行部分或全部脱敏

例子:假设OB日志内有如下SQL:
select name from testtable where phone='12345678901' and name='jack'
脱敏后:
select name from testtable where phone='123*****901' and name='j**k'

Describe alternatives you've considered

No response

Additional context

No response
@way2questions
Copy link
Author

在代码实现上,可能不可避免的要逐行读取日志然后写入新文件,需要考虑的几个点:
1,新生成的文件,需要考虑不对obdiag的其他模块的使用产生影响(如根因分析模块的日志分析功能)
2,新生成的文件在文件修改时间,操作系统文件排序上应该与原始文件也是不同的,故在进行原始文件的读取、新的文件的创建写入等操作时,需要保证与原始文件的顺序相对一致

@Teingi
Copy link
Contributor

Teingi commented Aug 2, 2024

方式1:支持第三方脚本来脱敏;
方式2:obdiag 本身对日志脱敏;

支持用户选择

@wayyoungboy wayyoungboy added this to the v2.5.0 milestone Sep 13, 2024
@wayyoungboy wayyoungboy self-assigned this Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wayyoungboy wayyoungboy

Labels
None yet
Projects
None yet
Milestone
v2.5.0
Development

No branches or pull requests
3 participants
@way2questions @wayyoungboy @Teingi