search

serilog-contrib / Serilog.Enrichers.Sensitive

A Serilog LogEvent enricher that masks sensitive data
MIT License
114 stars 23 forks source link

Not masking nested data #16

Closed Cheshirre closed 1 year ago

Cheshirre commented 1 year ago

Example: Key - "request_headers" ValueDictionary [("Accept": "*/*"), ("Connection": "keep-alive"), ("Host": "localhost:7249"), ("User-Agent": "PostmanRuntime/7.29.2"), ("Accept-Encoding": "gzip, deflate, br"), ("Authorization": "Bearer aaaaaaaa1111-2222-4444-222ddddddddd"),("Postman-Token": "55b708e9-801e-45c3-870b-7520bc498711")] I want always mask Authorization header. I've try to add 

var logger = new LoggerConfiguration()
    .Enrich.WithSensitiveDataMasking(options => options.ExcludeProperties.Add("Authorization "))
    .WriteTo.Console()
    .CreateLogger();

to my code.

What is going wrong?

sandermvanvliet commented 1 year ago

Could you provide me with a C# reproduction case for this? From the example you provided I can't really determine how you're actually logging this.

One thing that you do need to do differently is use MaskProperties.Add("Authorization") instead of using ExcludeProperties. From the documentation here you can see that ExcludeProperties is used to ensure that the given property is never masked.

sandermvanvliet commented 1 year ago

Ok so I think I found what is causing problems for you. The enricher didn't support dictionaries yet and if I understand it correctly that's what you're passing in to the log message property.

I've added support for dictionary values now, that is in release 1.5.1 which should hit NuGet in the next few minutes :+1:

Cheshirre commented 1 year ago

I use MaskProperties.Add("Authorization"), yes.

Cheshirre commented 1 year ago

Thank you, I'll try new version!