Is your enhancement request related to a problem? Please describe.
When I look at logs of function workers, I can see where database passwords are revealed in plain text.
This is an example snippet of logs I see. I've replaced some information with placeholders in all-caps, like USERNAME and PASSWORD. Most sensitive information is seen under configs.
Note that this is also the ClickHouse JDBC sink.
Describe the solution you'd like
For database credentials (at least) to not be exposed in the logs, or some option to disable it. I can already restrict access to who can administrate the cluster, but I cannot as easily restrict what logs someone is able to see in our log monitoring solution.
Is your enhancement request related to a problem? Please describe. When I look at logs of function workers, I can see where database passwords are revealed in plain text.
This is an example snippet of logs I see. I've replaced some information with placeholders in all-caps, like
USERNAME
andPASSWORD
. Most sensitive information is seen underconfigs
.Note that this is also the ClickHouse JDBC sink.
Describe the solution you'd like For database credentials (at least) to not be exposed in the logs, or some option to disable it. I can already restrict access to who can administrate the cluster, but I cannot as easily restrict what logs someone is able to see in our log monitoring solution.