search

serilog-contrib / Serilog.Enrichers.Sensitive

A Serilog LogEvent enricher that masks sensitive data
MIT License
111 stars 23 forks source link

How to add custom MaskingOperators from appsetings.json? #24

Closed alexandries98 closed 1 year ago

alexandries98 commented 1 year ago

Hello,

I made a custom masking operator that is working via code configuration, but for some reason it can not be seen from the appsettings.json.

This is the custom masking operator.

namespace SerilogPOC.API.LoggingMasks
{
    public class CustomSecretMaskingOperator : RegexMaskingOperator
    {
        public CustomSecretMaskingOperator() 
            : base("[a-z]*#[a-z]*")
        {
        }

        protected override string PreprocessMask(string mask, Match match)
        {
            var tokens = match.Value.Split("#");

            return tokens[0] + "#" + mask; 
        }
    }
}

This is how I am using it in code and it works as expected.

.UseSerilog((context, services, cfg) => cfg
            .ReadFrom.Configuration(configuration)
            .Enrich.WithSensitiveDataMasking(operations =>
            {
                operations.MaskingOperators.Add(new CustomSecretMaskingOperator());
                operations.MaskValue = "**SECRET**";
            }));

But, when it comes to use it from the appsetings, things just don't work and I don't know what I am doing wrong.

.UseSerilog((context, services, cfg) => cfg
            .ReadFrom.Configuration(configuration));
{
  "Serilog": {
    "Using": [
      "Serilog.Sinks.Console",
      "Serilog.Sinks.File",
      "Serilog.Enrichers.Environment",
      "Serilog.Enrichers.Sensitive",
      "API"
    ],
    "WriteTo": [
      { "Name": "Console" },
      {
        "Name": "File",
        "Args": {
          "path": "log.txt",
          "outputTemplate": "[{MachineName}] {Timestamp:yyyy-MM-dd HH:mm:ss} [{Level:u3}] {Message:lj}\n",
          "rollingInterval": "Day",
          "rollOnFileSizeLimit": true,
          "fileSizeLimitBytes": 20480,
          "retainedFileCountLimit": 10
        }
      }
    ],
    "Enrich": [
      { "Name": "WithMachineName" },
      {
        "Name": "WithSensitiveDataMasking",
        "Args": {
          "options": {
            "MaskValue": "**SECRET**",
            "MaskingOperators": [ "CustomSecretMaskingOperator" ]
          }
        }
      }
    ]
  }
}

The assembly name where my custom masking operator is defined is API and I am including it in Using. Am I doing things wrong in MaskingOperators or in any other part, or it is simply not possible to achieve this behavior?

Thank you!

sandermvanvliet commented 1 year ago

Currently this is not supported because the Serilog configuration library doesn’t know how to deal with an array of instances. Or, at least not in this form.

I’ve started some investigation as this topic has come up three times by three different people in the last two weeks 😅

alexandries98 commented 1 year ago

Oh, alright! Many thanks. Have a great day! 😄

sandermvanvliet commented 1 year ago

Release 1.7.1 now supports this. Have a look at the README on how to configure.