logstop 0.2.2 → 0.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +27 -6
- data/LICENSE.txt +1 -1
- data/README.md +35 -8
- data/lib/logstop.rb +20 -15
- data/lib/logstop/formatter.rb +13 -2
- data/lib/logstop/version.rb +1 -1
- metadata +11 -74
- data/.gitignore +0 -9
- data/.travis.yml +0 -11
- data/Gemfile +0 -6
- data/Rakefile +0 -33
- data/logstop.gemspec +0 -27
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 06f0dd3d6fdaab9b3b43855f0cfca8d282be00b92b7ca0cce0fca78563e15942
|
4
|
+
data.tar.gz: f6c531bedfc8fff417f150c81ea3c16b0fffcfa2d11a322113f4e46f34061c28
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cf0546107ba926046989f0962817ddfcd9f5f1b43ed569bdd50982702388a4c4f76ef41bcb74515973a7b4346e11c49c7727a5468c8bf1baabdadbf259284c5c
|
7
|
+
data.tar.gz: ff895c82dd97a3c7977fd30ed360185c05e78cf0db601c548cf39733b37a8367a1934870d2144acf40829896da38bc46a747fc9c1957ff3b635be3a5975d8d43
|
data/CHANGELOG.md
CHANGED
@@ -1,18 +1,39 @@
|
|
1
|
-
## 0.2.
|
1
|
+
## 0.2.7 (2021-02-08)
|
2
|
+
|
3
|
+
- Fixed filtering for URL-encoded emails with `+`
|
4
|
+
|
5
|
+
## 0.2.6 (2020-04-10)
|
6
|
+
|
7
|
+
- Reduced allocations
|
8
|
+
|
9
|
+
## 0.2.5 (2019-10-27)
|
10
|
+
|
11
|
+
- Fixed filtering UUIDs
|
12
|
+
|
13
|
+
## 0.2.4 (2018-12-11)
|
14
|
+
|
15
|
+
- Added `scubber` option for custom rules
|
16
|
+
- Scrub URL-encoded data
|
17
|
+
|
18
|
+
## 0.2.3 (2018-05-16)
|
19
|
+
|
20
|
+
- Fixed tagged logging
|
21
|
+
|
22
|
+
## 0.2.2 (2018-05-15)
|
2
23
|
|
3
24
|
- Added `guard` method
|
4
25
|
|
5
|
-
## 0.2.1
|
26
|
+
## 0.2.1 (2018-05-15)
|
6
27
|
|
7
28
|
- Fix for log broadcaster in Rails console
|
8
|
-
- Fix for
|
29
|
+
- Fix for URL password filtering
|
9
30
|
|
10
|
-
## 0.2.0
|
31
|
+
## 0.2.0 (2018-04-03)
|
11
32
|
|
12
33
|
- Less aggressive filtering on numbers
|
13
|
-
- Filter passwords in
|
34
|
+
- Filter passwords in URLs
|
14
35
|
- Added `Logstop.scrub` method
|
15
36
|
|
16
|
-
## 0.1.0
|
37
|
+
## 0.1.0 (2018-03-31)
|
17
38
|
|
18
39
|
- First release
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
:fire: Keep personally identifiable information (PII) out of your logs
|
4
4
|
|
5
5
|
```ruby
|
6
|
-
logger.info "Hi test@
|
6
|
+
logger.info "Hi test@example.org!"
|
7
7
|
# => Hi [FILTERED]!
|
8
8
|
```
|
9
9
|
|
@@ -13,15 +13,17 @@ By default, scrubs:
|
|
13
13
|
- phone numbers
|
14
14
|
- credit card numbers
|
15
15
|
- Social Security numbers (SSNs)
|
16
|
-
- passwords in
|
16
|
+
- passwords in URLs
|
17
17
|
|
18
|
-
Works with all types of logging - Ruby,
|
18
|
+
Works with all types of logging - Ruby, Active Record, Active Job, and more
|
19
19
|
|
20
20
|
```
|
21
21
|
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? [["email", "[FILTERED]"]]
|
22
22
|
```
|
23
23
|
|
24
|
-
|
24
|
+
Works even when sensitive data is URL-encoded
|
25
|
+
|
26
|
+
[](https://github.com/ankane/logstop/actions)
|
25
27
|
|
26
28
|
## Installation
|
27
29
|
|
@@ -53,19 +55,35 @@ To scrub IP addresses, use:
|
|
53
55
|
Logstop.guard(logger, ip: true)
|
54
56
|
```
|
55
57
|
|
58
|
+
Add custom rules with:
|
59
|
+
|
60
|
+
```ruby
|
61
|
+
scrubber = lambda do |msg|
|
62
|
+
msg.gsub(/custom_regexp/, "[FILTERED]".freeze)
|
63
|
+
end
|
64
|
+
|
65
|
+
Logstop.guard(logger, scrubber: scrubber)
|
66
|
+
```
|
67
|
+
|
56
68
|
To scrub outside of logging, use:
|
57
69
|
|
58
70
|
```ruby
|
59
71
|
Logstop.scrub(msg)
|
60
72
|
```
|
61
73
|
|
62
|
-
|
74
|
+
It supports the same options as `guard`.
|
63
75
|
|
64
|
-
|
76
|
+
## Notes
|
65
77
|
|
66
|
-
|
78
|
+
This should be used in addition to `config.filter_parameters`, not as a replacement.
|
67
79
|
|
68
|
-
|
80
|
+
Learn more about [securing sensitive data in Rails](https://ankane.org/sensitive-data-rails).
|
81
|
+
|
82
|
+
Also:
|
83
|
+
|
84
|
+
- To scrub existing log files, check out [scrubadub](https://github.com/datascopeanalytics/scrubadub)
|
85
|
+
- To anonymize IP addresses, check out [IP Anonymizer](https://github.com/ankane/ip_anonymizer)
|
86
|
+
- To scan for unencrypted personal data in your database, check out [pdscan](https://github.com/ankane/pdscan)
|
69
87
|
|
70
88
|
## Resources
|
71
89
|
|
@@ -83,3 +101,12 @@ Everyone is encouraged to help improve this project. Here are a few ways you can
|
|
83
101
|
- Fix bugs and [submit pull requests](https://github.com/ankane/logstop/pulls)
|
84
102
|
- Write, clarify, or fix documentation
|
85
103
|
- Suggest or add new features
|
104
|
+
|
105
|
+
To get started with development:
|
106
|
+
|
107
|
+
```sh
|
108
|
+
git clone https://github.com/ankane/logstop.git
|
109
|
+
cd logstop
|
110
|
+
bundle install
|
111
|
+
bundle exec rake test
|
112
|
+
```
|
data/lib/logstop.rb
CHANGED
@@ -4,27 +4,32 @@ require "logstop/version"
|
|
4
4
|
|
5
5
|
module Logstop
|
6
6
|
FILTERED_STR = "[FILTERED]".freeze
|
7
|
-
FILTERED_URL_STR = "\\1[FILTERED]
|
7
|
+
FILTERED_URL_STR = "\\1[FILTERED]\\2".freeze
|
8
8
|
|
9
|
-
CREDIT_CARD_REGEX = /\b
|
10
|
-
|
9
|
+
CREDIT_CARD_REGEX = /\b[3456]\d{15}\b/
|
10
|
+
CREDIT_CARD_REGEX_DELIMITERS = /\b[3456]\d{3}[\s+-]\d{4}[\s+-]\d{4}[\s+-]\d{4}\b/
|
11
|
+
EMAIL_REGEX = /\b[\w]([\w+.-]|%2B)+(?:@|%40)[a-z\d-]+(?:\.[a-z\d-]+)*\.[a-z]+\b/i
|
11
12
|
IP_REGEX = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/
|
12
|
-
PHONE_REGEX = /\b(
|
13
|
-
SSN_REGEX = /\b\d{3}[\s
|
14
|
-
URL_PASSWORD_REGEX = /(
|
13
|
+
PHONE_REGEX = /\b(?:\+\d{1,2}\s)?\(?\d{3}\)?[\s+.-]\d{3}[\s+.-]\d{4}\b/
|
14
|
+
SSN_REGEX = /\b\d{3}[\s+-]\d{2}[\s+-]\d{4}\b/
|
15
|
+
URL_PASSWORD_REGEX = /((?:\/\/|%2F%2F)\S+(?::|%3A))\S+(@|%40)/
|
15
16
|
|
16
|
-
def self.scrub(msg, ip: false)
|
17
|
-
msg = msg.to_s
|
18
|
-
|
19
|
-
msg = msg.gsub(IP_REGEX, FILTERED_STR) if ip
|
17
|
+
def self.scrub(msg, ip: false, scrubber: nil)
|
18
|
+
msg = msg.to_s.dup
|
20
19
|
|
21
20
|
# order filters are applied is important
|
21
|
+
msg.gsub!(URL_PASSWORD_REGEX, FILTERED_URL_STR)
|
22
|
+
msg.gsub!(EMAIL_REGEX, FILTERED_STR)
|
23
|
+
msg.gsub!(CREDIT_CARD_REGEX, FILTERED_STR)
|
24
|
+
msg.gsub!(CREDIT_CARD_REGEX_DELIMITERS, FILTERED_STR)
|
25
|
+
msg.gsub!(PHONE_REGEX, FILTERED_STR)
|
26
|
+
msg.gsub!(SSN_REGEX, FILTERED_STR)
|
27
|
+
|
28
|
+
msg.gsub!(IP_REGEX, FILTERED_STR) if ip
|
29
|
+
|
30
|
+
msg = scrubber.call(msg) if scrubber
|
31
|
+
|
22
32
|
msg
|
23
|
-
.gsub(CREDIT_CARD_REGEX, FILTERED_STR)
|
24
|
-
.gsub(PHONE_REGEX, FILTERED_STR)
|
25
|
-
.gsub(SSN_REGEX, FILTERED_STR)
|
26
|
-
.gsub(URL_PASSWORD_REGEX, FILTERED_URL_STR)
|
27
|
-
.gsub(EMAIL_REGEX, FILTERED_STR)
|
28
33
|
end
|
29
34
|
|
30
35
|
def self.guard(logger, **options)
|
data/lib/logstop/formatter.rb
CHANGED
@@ -2,13 +2,24 @@ require "logger"
|
|
2
2
|
|
3
3
|
module Logstop
|
4
4
|
class Formatter < ::Logger::Formatter
|
5
|
-
def initialize(formatter = nil, ip: false)
|
5
|
+
def initialize(formatter = nil, ip: false, scrubber: nil)
|
6
6
|
@formatter = formatter || ::Logger::Formatter.new
|
7
7
|
@ip = ip
|
8
|
+
@scrubber = scrubber
|
8
9
|
end
|
9
10
|
|
10
11
|
def call(severity, timestamp, progname, msg)
|
11
|
-
Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip)
|
12
|
+
Logstop.scrub(@formatter.call(severity, timestamp, progname, msg), ip: @ip, scrubber: @scrubber)
|
13
|
+
end
|
14
|
+
|
15
|
+
# for tagged logging
|
16
|
+
def method_missing(method_name, *arguments, &block)
|
17
|
+
@formatter.send(method_name, *arguments, &block)
|
18
|
+
end
|
19
|
+
|
20
|
+
# for tagged logging
|
21
|
+
def respond_to?(method_name, include_private = false)
|
22
|
+
@formatter.send(:respond_to?, method_name, include_private) || super
|
12
23
|
end
|
13
24
|
end
|
14
25
|
end
|
data/lib/logstop/version.rb
CHANGED
metadata
CHANGED
@@ -1,95 +1,33 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstop
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Kane
|
8
|
-
autorequire:
|
9
|
-
bindir:
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
12
|
-
dependencies:
|
13
|
-
|
14
|
-
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
16
|
-
requirements:
|
17
|
-
- - ">="
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: '0'
|
20
|
-
type: :development
|
21
|
-
prerelease: false
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
23
|
-
requirements:
|
24
|
-
- - ">="
|
25
|
-
- !ruby/object:Gem::Version
|
26
|
-
version: '0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: bundler
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
|
-
- !ruby/object:Gem::Dependency
|
42
|
-
name: minitest
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
44
|
-
requirements:
|
45
|
-
- - ">="
|
46
|
-
- !ruby/object:Gem::Version
|
47
|
-
version: '0'
|
48
|
-
type: :development
|
49
|
-
prerelease: false
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
51
|
-
requirements:
|
52
|
-
- - ">="
|
53
|
-
- !ruby/object:Gem::Version
|
54
|
-
version: '0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: rake
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - ">="
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - ">="
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
69
|
-
description:
|
70
|
-
email:
|
71
|
-
- andrew@chartkick.com
|
11
|
+
date: 2021-02-08 00:00:00.000000000 Z
|
12
|
+
dependencies: []
|
13
|
+
description:
|
14
|
+
email: andrew@ankane.org
|
72
15
|
executables: []
|
73
16
|
extensions: []
|
74
17
|
extra_rdoc_files: []
|
75
18
|
files:
|
76
|
-
- ".gitignore"
|
77
|
-
- ".travis.yml"
|
78
19
|
- CHANGELOG.md
|
79
|
-
- Gemfile
|
80
20
|
- LICENSE.txt
|
81
21
|
- README.md
|
82
|
-
- Rakefile
|
83
22
|
- lib/logstop.rb
|
84
23
|
- lib/logstop/formatter.rb
|
85
24
|
- lib/logstop/railtie.rb
|
86
25
|
- lib/logstop/version.rb
|
87
|
-
- logstop.gemspec
|
88
26
|
homepage: https://github.com/ankane/logstop
|
89
27
|
licenses:
|
90
28
|
- MIT
|
91
29
|
metadata: {}
|
92
|
-
post_install_message:
|
30
|
+
post_install_message:
|
93
31
|
rdoc_options: []
|
94
32
|
require_paths:
|
95
33
|
- lib
|
@@ -97,16 +35,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
97
35
|
requirements:
|
98
36
|
- - ">="
|
99
37
|
- !ruby/object:Gem::Version
|
100
|
-
version: '
|
38
|
+
version: '2.2'
|
101
39
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
102
40
|
requirements:
|
103
41
|
- - ">="
|
104
42
|
- !ruby/object:Gem::Version
|
105
43
|
version: '0'
|
106
44
|
requirements: []
|
107
|
-
|
108
|
-
|
109
|
-
signing_key:
|
45
|
+
rubygems_version: 3.2.3
|
46
|
+
signing_key:
|
110
47
|
specification_version: 4
|
111
48
|
summary: Keep personally identifiable information (PII) out of your logs
|
112
49
|
test_files: []
|
data/.gitignore
DELETED
data/.travis.yml
DELETED
data/Gemfile
DELETED
data/Rakefile
DELETED
@@ -1,33 +0,0 @@
|
|
1
|
-
require "bundler/gem_tasks"
|
2
|
-
require "rake/testtask"
|
3
|
-
|
4
|
-
Rake::TestTask.new(:test) do |t|
|
5
|
-
t.libs << "test"
|
6
|
-
t.libs << "lib"
|
7
|
-
t.test_files = FileList["test/**/*_test.rb"]
|
8
|
-
end
|
9
|
-
|
10
|
-
task default: :test
|
11
|
-
|
12
|
-
task :benchmark do
|
13
|
-
require "bundler/setup"
|
14
|
-
Bundler.require
|
15
|
-
require "benchmark/ips"
|
16
|
-
|
17
|
-
str = StringIO.new
|
18
|
-
logger = ::Logger.new(str)
|
19
|
-
|
20
|
-
str2 = StringIO.new
|
21
|
-
logger2 = ::Logger.new(str2)
|
22
|
-
logger2.formatter = Logstop::Formatter.new
|
23
|
-
|
24
|
-
Benchmark.ips do |x|
|
25
|
-
x.report "logger" do
|
26
|
-
logger.info "This is a string: test@test.com"
|
27
|
-
end
|
28
|
-
|
29
|
-
x.report "logger2" do
|
30
|
-
logger2.info "This is a string: test@test.com"
|
31
|
-
end
|
32
|
-
end
|
33
|
-
end
|
data/logstop.gemspec
DELETED
@@ -1,27 +0,0 @@
|
|
1
|
-
|
2
|
-
lib = File.expand_path("../lib", __FILE__)
|
3
|
-
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
-
require "logstop/version"
|
5
|
-
|
6
|
-
Gem::Specification.new do |spec|
|
7
|
-
spec.name = "logstop"
|
8
|
-
spec.version = Logstop::VERSION
|
9
|
-
spec.authors = ["Andrew Kane"]
|
10
|
-
spec.email = ["andrew@chartkick.com"]
|
11
|
-
|
12
|
-
spec.summary = "Keep personally identifiable information (PII) out of your logs"
|
13
|
-
spec.homepage = "https://github.com/ankane/logstop"
|
14
|
-
spec.license = "MIT"
|
15
|
-
|
16
|
-
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
17
|
-
f.match(%r{^(test|spec|features)/})
|
18
|
-
end
|
19
|
-
spec.bindir = "exe"
|
20
|
-
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
21
|
-
spec.require_paths = ["lib"]
|
22
|
-
|
23
|
-
spec.add_development_dependency "benchmark-ips"
|
24
|
-
spec.add_development_dependency "bundler"
|
25
|
-
spec.add_development_dependency "minitest"
|
26
|
-
spec.add_development_dependency "rake"
|
27
|
-
end
|