[Feature Request] Provide granular PII obfuscation mechanism

[rymeskar]

Today, the pii handling in the log callback forces the consumers to one of the following:

• receive the same log messages twice
  • once with blurred out PII so missing the possibility for backtracking/debugging the issue in all the detail.
  • once in plaintext but without the possibility to selectively obfuscate some of the arguments in order to have both a meaningful backtracking/debugging low-level mechanism as well as the privacy.
• receive only the blurred out PII msessage.

The ask is to:

• Log the same message only once (performance)
• Have debugging capabilities as well as privacy support through custom-obfuscating parts of the log message. The customers could then implement their chosen mechanism for obfuscation parts of the message that still keeps the low-level debugging features.

[bgavrilMS]

See ILogScrubber in MISE

[rymeskar]

Yeah, ILogScrubber ala MISE would be great.

[TimHannMSFT]

Thanks @rymeskar, @sruke will be picking this work up. Plan is to offer something similar to MISE concept all down the stack (and into MS.IM/Wilson

[KalleOlaviNiemitalo]

Is MISE a Microsoft internal library (maybe an abbreviation for Microsoft.Internal.Security.Extensions) and ILogScrubber an interface in it? I found only https://github.com/microsoft/Omex/pull/417.

[rymeskar]

Microsoft.Extensions 8 now has a redaction support: https://learn.microsoft.com/en-us/dotnet/api/microsoft.extensions.compliance.redaction.redactor?view=dotnet-plat-ext-8.0