Edge Delta Mask Filter

Mask values based on regex.

  2 minute read  

Version 2 is no longer supported. This section is for historical reference only.

See the latest version here.

Overview

This filter type hides (or masks) specific data, based on the configured regex pattern.

This filter type can be useful to hide sensitive data, specifically phone numbers and credit card numbers. Based on the configured regex pattern, this filter type changes the log lines to hide the matched content.

Example

The following example displays a filter that replaces password: SOME_PASSWORD with password: ****** :

  - name: mask_password
    type: mask
    pattern: "password:\s*\w+"
    mask: "password: ******"

  - name: mask_email
    type: mask
    pattern: "email:\s*(?P<email>\w+)"
    mask_captured:
      email: '******'

Instead of a custom pattern, you can also use a common, predefined pattern for credit_card and us_phone_dash. The following example displays a filter that masks US phone numbers:

  - name: mask_phone
    type: mask
    predefined_pattern: us_phone_dash

Parameters

name

The name parameter specifies the name for the filter. You refer to this name in other places, for example to refer to a specific filter in a workflow or processor. Names must be unique within the filters: section. It is a YAML list element so it begins with a - and a space followed by the string. A name is a required parameter for a filter

filters:
  - name: <filter-name>

type: mask

The type parameter in the filter context specifies the type of filter to apply. A type is a required parameter for a filter.

filters:
  - name: <filter-name>
    type: <filter-type>

predefined_pattern

Instead of a custom pattern, you can use a common, predefined pattern, specifically credit_card and us_phone_dash.

You must configure the pattern parameter or the predefined_pattern parameter.

This parameter is optional.

predefined_pattern: credit_card

pattern

Enter a regular expression pattern to define which strings to match for.

You must configure the pattern parameter or the predefined_pattern parameter.

This parameter is optional.

pattern: 'email:\s*(?P<email>\w+)

mask

Enter the string to be used as the replacement for the matched part of the log. The default mask is ******. If you specify an empty mask ( "" ), then the filter will remove the matched pattern from the log.

This parameter is optional.

mask: 'XXXXX'

mask_captured

This parameter supports capture groups for regex masks. In other words, you can replace any match of a capture group with a given map.

To replace all matches (not submatch), you can use the all keyword.

This parameter is optional.

mask_captured:
  email: '******'