It's possible to read "credentials/sensitive info" from environment variables?

[igorgomeslima]

Serilog Settings Configuration(Serilog.Sinks.Datadog.Logs):

Sample:

"Serilog": {
  "Using": [ "Serilog.Sinks.Datadog.Logs" ],
  "MinimumLevel": "Debug",
  "WriteTo": [
    { "Name": "Console" },
    {
      "Name": "DatadogLogs",
      "Args": {
        //"apiKey": "<API_KEY>",
        "apiKey": "${READ_IT_FROM_ENVIRONMENT_VARIABLE:VARIABLE_NAME}", //<- This approach does not exist/does not work.
      }
    }
  ],
  "Enrich": [ "FromLogContext", "WithMachineName", "WithThreadId" ],
  "Properties": {
    "Application": "Sample"
  }
}

We have something similar in NLog: ${environment:ENVIRONMENT_VARIABLE_NAME}.

Environment layout renderer

Sample:

NLog.config(NLog.Targets.ElasticSearch)

...
<target xsi:type="ElasticSearch"
                ...
                username="${environment:ELASTICSEARCH_USER}"
                password="${environment:ELASTICSEARCH_PASSWORD}"
                layout="${verbose}">
          <field name="host" layout="${machinename}"/>
        </target>
...

[nblumhardt]

This is provided natively by Microsoft.Extensions.Configuration; I think the variable you'd need to set in this case is something like SERILOG__WRITETO__1__ARGS__APIKEY.

Might need a bit of digging around, unfortunately setting values in arrays using environment variables can be awkward. HTH!

[igorgomeslima]

@nblumhardt Thanks for your time! Any specific documentation about it? I thought of using: Placeholder Provider instead.

[nblumhardt]

It's not a Serilog feature so docs.microsoft.com (IIRC) would be the place to find it but I wasn't able to track anything down with a quick skim. Placeholder Provider looks like another good option 👍

[0xced]

@nblumhardt's answer is right, you need to set the Serilog__WriteTo__1__Args__apiKey environment variable in order to override the value from the appsettings.json file.

The __1__ is the (zero-based) index in the WriteTo array, it's indeed awkward and error prone if you reorder your sinks in the configuration file.

Official documentation:

• Configuration in .NET
• Environment variable configuration provider
• Configuration in ASP.NET Core

Sample.csproj:

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <OutputType>Exe</OutputType>
    <TargetFramework>net6.0</TargetFramework>
    <Nullable>enable</Nullable>
  </PropertyGroup>

  <ItemGroup>
    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="7.0.0" />
    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="7.0.0" />
    <PackageReference Include="Serilog.Settings.Configuration" Version="3.4.0" />
    <PackageReference Include="Serilog.Sinks.Console" Version="4.1.0" />
    <PackageReference Include="Serilog.Sinks.Datadog.Logs" Version="0.5.1" />
  </ItemGroup>

  <ItemGroup>
    <None Update="appsettings.json" CopyToOutputDirectory="PreserveNewest" />
  </ItemGroup>

</Project>

Program.cs:

using Microsoft.Extensions.Configuration;
using Serilog;

var configuration = new ConfigurationBuilder().AddJsonFile("appsettings.json").AddEnvironmentVariables().Build();
using var logger = new LoggerConfiguration().ReadFrom.Configuration(configuration).CreateLogger();
logger.Information("Hello, World!");

Run this sample code with the Serilog__WriteTo__1__Args__apiKey environment variable set to your API key and you should see your log in Datadog.

[igorgomeslima]

Thank's for insights guys! I know about the "Configuration", when I mentioned "Documentation" I meant specifically to "How read from appsettings using index? How index works in appsettings? Any official sample at DOC's, like Serilog__WriteTo__1__Args__apiKey or similar?". Anyway, it's help. 😀

[0xced]

It's all in the Configuration in ASP.NET Core documentation. Look at Bind an array and Naming of environment variables specifically.