### Install Logging Redactor Source: https://github.com/armurox/loggingredactor/blob/master/README.md Install the library using pip. ```bash pip install loggingredactor ``` -------------------------------- ### Setup SecureHandler with Combined Redaction Source: https://context7.com/armurox/loggingredactor/llms.txt Configures a custom logging handler that combines regex pattern-based and key-based redaction for comprehensive data protection. This handler redacts API keys, emails, bearer tokens, passwords, secrets, and private keys. ```python import re import logging import loggingredactor from pythonjsonlogger import jsonlogger class SecureHandler(logging.StreamHandler): def __init__(self): super().__init__() self.addFilter(loggingredactor.RedactingFilter( mask_patterns=[ re.compile(r'(?<=api_key=)["\w-]+'), re.compile(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b'), re.compile(r'(?<=Bearer\s)["\w.-]+'), ], mask_keys=['password', 'secret', 'private_key', 'access_token'], mask='***' )) self.setFormatter(jsonlogger.JsonFormatter()) logger = logging.getLogger('secure') logger.setLevel(logging.DEBUG) logger.addHandler(SecureHandler()) ``` -------------------------------- ### Integrate with logging configuration dictionary Source: https://context7.com/armurox/loggingredactor/llms.txt Configures the RedactingFilter within a dictConfig structure for enterprise logging setups. ```python import re import logging.config import loggingredactor LOGGING_CONFIG = { 'version': 1, 'disable_existing_loggers': False, 'filters': { 'pii_filter': { '()': 'loggingredactor.RedactingFilter', 'mask_patterns': ( re.compile(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b'), # Email re.compile(r'\b\d{3}-\d{2}-\d{4}\b'), # SSN re.compile(r'\b\d{16}\b'), # Credit card ), 'mask_keys': ('password', 'email', 'ssn', 'api_key', 'token'), 'mask': '[REDACTED]', }, }, 'formatters': { 'standard': { 'format': '%(asctime)s - %(name)s - %(levelname)s - %(message)s' }, }, 'handlers': { 'console': { 'class': 'logging.StreamHandler', 'level': 'DEBUG', 'formatter': 'standard', 'filters': ['pii_filter'], }, 'file': { 'class': 'logging.FileHandler', 'filename': 'app.log', 'level': 'INFO', 'formatter': 'standard', 'filters': ['pii_filter'], }, }, 'root': { 'level': 'DEBUG', 'handlers': ['console', 'file'], }, } # Apply configuration logging.config.dictConfig(LOGGING_CONFIG) logger = logging.getLogger('myapp') # All sensitive data is now automatically redacted logger.info("User john@example.com registered with SSN 123-45-6789") logger.warning("Payment processed", extra={'email': 'user@test.com', 'token': 'abc123'}) ``` -------------------------------- ### Integrate RedactingFilter into Python Logging Config Source: https://github.com/armurox/loggingredactor/blob/master/README.md Add the 'loggingredactor.RedactingFilter' to your logging configuration's filters and associate it with handlers where redaction is desired. This example shows how to configure it within a dictionary-based logging setup. ```python import re import logging.config LOGGING = { 'filters':{ 'pii': { '()': 'loggingredactor.RedactingFilter', 'mask_keys': ('password', 'email', 'last_name', 'first_name', 'gender', 'lastname', 'firstname',), 'mask_patterns': (re.compile(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b'), ) # email regex 'mask': 'REDACTED', }, }, 'handlers': { 'stdout': { 'filters': ['pii',], }, } } logging.config.dictConfig(LOGGING) ``` -------------------------------- ### Redact API Keys in JSON Logs Source: https://github.com/armurox/loggingredactor/blob/master/README.md Apply a filter to the root logger to redact API keys in JSON formatted logs. This example uses a positive lookbehind regex and a custom RedactStreamHandler. ```python import re import logging import loggingredactor from pythonjsonlogger import jsonlogger # Create a pattern to hide api key in url. This uses a _Positive Lookbehind_ redact_mask_patterns = [re.compile(r'(?<=api_key=)[\w-]+')] # Override the logging handler that you want redacted class RedactStreamHandler(logging.StreamHandler): def __init__(self, *args, **kwargs): logging.StreamHandler.__init__(self, *args, **kwargs) self.addFilter(loggingredactor.RedactingFilter(redact_mask_patterns)) root_logger = logging.getLogger() sys_stream = RedactStreamHandler() # Also set the formatter to use json, this is optional and all nested keys will get redacted too sys_stream.setFormatter(jsonlogger.JsonFormatter('%(name)s %(message)s')) root_logger.addHandler(sys_stream) logger = logging.getLogger(__name__) logger.error("Request Failed", extra={'url': 'https://example.com?api_key=my-secret-key'}) # Output: {"name": "__main__", "message": "Request Failed", "url": "https://example.com?api_key=****"} ``` -------------------------------- ### Redact Extra Fields in JSON Logging Source: https://context7.com/armurox/loggingredactor/llms.txt Setup for redacting structured data when using JSON formatters. ```python import re import logging import loggingredactor from pythonjsonlogger import jsonlogger ``` -------------------------------- ### Support multiple mapping types Source: https://context7.com/armurox/loggingredactor/llms.txt Shows compatibility with various Python mapping types like OrderedDict and ChainMap. ```python import re import logging import loggingredactor from collections import OrderedDict, ChainMap from frozendict import frozendict logger = logging.getLogger('mapping_logger') logger.setLevel(logging.DEBUG) handler = logging.StreamHandler() logger.addHandler(handler) patterns = [re.compile(r'\d{4}')] logger.addFilter(loggingredactor.RedactingFilter(patterns, mask='XXXX')) ``` -------------------------------- ### Initialize RedactingFilter Source: https://context7.com/armurox/loggingredactor/llms.txt Constructor signature for the RedactingFilter class. ```python from loggingredactor import RedactingFilter # Full constructor signature filter = RedactingFilter( mask_patterns='', # List of compiled regex patterns to match and redact mask='****', # String to replace matched content (default: '****') mask_keys=None # Iterable of dictionary keys whose values should always be redacted ) ``` -------------------------------- ### Redacting OrderedDict Source: https://context7.com/armurox/loggingredactor/llms.txt Demonstrates how OrderedDict is redacted by the logging redactor. ```python from collections import OrderedDict import loggingredactor logger = loggingredactor.getLogger(__name__) ordered = OrderedDict([('card', '4111'), ('exp', '12/25')]) logger.info("OrderedDict: %s", ordered) ``` -------------------------------- ### Redacting frozendict Source: https://context7.com/armurox/loggingredactor/llms.txt Demonstrates how frozendict (immutable) is redacted by the logging redactor. ```python from frozendict import frozendict import loggingredactor logger = loggingredactor.getLogger(__name__) frozen = frozendict({'pin': '1234', 'name': 'Alice'}) logger.info("frozendict: %s", frozen) # Original data preserved print(frozen['pin']) ``` -------------------------------- ### Redacting ChainMap Source: https://context7.com/armurox/loggingredactor/llms.txt Demonstrates how ChainMap is redacted by the logging redactor. ```python from collections import ChainMap import loggingredactor logger = loggingredactor.getLogger(__name__) chain = ChainMap({'code': '5678'}, {'backup': '9012'}) logger.info("ChainMap: %s", chain) ``` -------------------------------- ### Handle nested data structures Source: https://context7.com/armurox/loggingredactor/llms.txt Demonstrates recursive redaction across dictionaries, lists, and tuples without modifying the original data objects. ```python import re import logging import loggingredactor logger = logging.getLogger('nested_logger') logger.setLevel(logging.DEBUG) handler = logging.StreamHandler() logger.addHandler(handler) # Pattern to redact 3+ digit numbers patterns = [re.compile(r'\d{3,}')] logger.addFilter(loggingredactor.RedactingFilter(patterns, mask='***')) # Nested dictionary nested_data = { 'user': { 'account': { 'card_number': '4111111111111111', 'cvv': '123' } } } logger.info("Payment info: %s", nested_data) # List of sensitive items items = ['Order #12345', 'SKU-001', 'Price: 9999'] logger.info("Items: %s", items) # Tuple with nested list mixed = ({'ids': ['100', '200', '300']}, 'ref-456') logger.info("Data: %s", mixed) # Original data unchanged print(nested_data['user']['account']['card_number']) # 4111111111111111 ``` -------------------------------- ### Redact Log Messages with Regex Source: https://context7.com/armurox/loggingredactor/llms.txt Apply regex patterns to mask sensitive content within log messages. ```python import re import logging import loggingredactor # Create logger logger = logging.getLogger('myapp') logger.setLevel(logging.DEBUG) # Add console handler handler = logging.StreamHandler() logger.addHandler(handler) # Define patterns to redact (digits in this example) redact_patterns = [re.compile(r'\d+')] # Add the redacting filter with custom mask logger.addFilter(loggingredactor.RedactingFilter(redact_patterns, mask='[REDACTED]')) # Test logging logger.warning("User ID: 12345 made a purchase of $99.99") # Output: User ID: [REDACTED] made a purchase of $[REDACTED].[REDACTED] logger.info("Phone: 555-123-4567, SSN: 123-45-6789") # Output: Phone: [REDACTED]-[REDACTED]-[REDACTED], SSN: [REDACTED]-[REDACTED]-[REDACTED] ``` -------------------------------- ### Create custom handler with redaction Source: https://context7.com/armurox/loggingredactor/llms.txt Defines a custom StreamHandler that applies a RedactingFilter to mask sensitive keys and patterns. ```python class RedactStreamHandler(logging.StreamHandler): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) patterns = [re.compile(r'(?<=api_key=)[\w-]+')] sensitive_keys = ['password', 'token', 'secret'] self.addFilter(loggingredactor.RedactingFilter( mask_patterns=patterns, mask='****', mask_keys=sensitive_keys )) # Setup root logger with JSON formatting root_logger = logging.getLogger() root_logger.setLevel(logging.DEBUG) handler = RedactStreamHandler() handler.setFormatter(jsonlogger.JsonFormatter('%(name)s %(message)s')) root_logger.addHandler(handler) logger = logging.getLogger(__name__) # Log with extra fields containing sensitive data logger.error( "Authentication failed", extra={ 'url': 'https://api.example.com?api_key=my-secret-key', 'user': { 'id': 123, 'password': 'user_password_here', 'token': 'bearer_token_xyz' } } ) ``` -------------------------------- ### Logging with Sensitive Data Source: https://context7.com/armurox/loggingredactor/llms.txt Logs a message containing multiple types of sensitive data, including an API key in a URL, a Bearer token, a user email, and credentials (password, access token). The SecureHandler will redact all these values. ```python logger.info( "API call to https://api.service.com?api_key=sk-12345 with Bearer eyJhbGc.token.here", extra={ 'user_email': 'admin@company.com', 'credentials': { 'password': 'super_secret', 'access_token': 'tok_123abc' }, 'response_code': 200 } ) ``` -------------------------------- ### Redact API Keys in URLs Source: https://context7.com/armurox/loggingredactor/llms.txt Use positive lookbehind regex to redact specific URL parameters while keeping keys visible. ```python import re import logging import loggingredactor logger = logging.getLogger('api_logger') logger.setLevel(logging.DEBUG) handler = logging.StreamHandler() logger.addHandler(handler) # Pattern to redact API key values while keeping 'api_key=' visible api_key_pattern = [re.compile(r'(?<=api_key=)[\w-]+')] logger.addFilter(loggingredactor.RedactingFilter(api_key_pattern)) # Log URLs with API keys logger.error("Request failed: https://api.example.com?api_key=secret-key-12345&sort=price") # Output: Request failed: https://api.example.com?api_key=****&sort=price logger.info("Calling https://service.io/data?api_key=my-private-token&limit=100") # Output: Calling https://service.io/data?api_key=****&limit=100 ``` -------------------------------- ### RedactingFilter Class Source: https://context7.com/armurox/loggingredactor/llms.txt The core class for filtering log records to redact sensitive information. ```APIDOC ## Class: RedactingFilter ### Description A logging filter that redacts sensitive information from log records based on regex patterns or dictionary keys. ### Constructor Parameters - **mask_patterns** (list) - Optional - List of compiled regex patterns to match and redact. - **mask** (string) - Optional - String to replace matched content (default: '****'). - **mask_keys** (iterable) - Optional - Iterable of dictionary keys whose values should always be redacted. ``` -------------------------------- ### Redact Dictionary Keys Source: https://context7.com/armurox/loggingredactor/llms.txt Mask values associated with specific dictionary keys to protect sensitive fields. ```python import re import logging import loggingredactor logger = logging.getLogger('user_logger') logger.setLevel(logging.DEBUG) handler = logging.StreamHandler() logger.addHandler(handler) # Define keys that should always be redacted sensitive_keys = ['email', 'password', 'ssn', 'credit_card'] logger.addFilter(loggingredactor.RedactingFilter(mask='[HIDDEN]', mask_keys=sensitive_keys)) # Using positional arguments with dict user_data = { 'firstname': 'John', 'email': 'john.doe@example.com', 'password': 'super_secret_123' } logger.warning("User %(firstname)s logged in with email: %(email)s", user_data) # Output: User John logged in with email: [HIDDEN] # Original data remains unchanged print(user_data['email']) # john.doe@example.com print(user_data['password']) # super_secret_123 ``` -------------------------------- ### Redact Sensitive Dictionary Keys in Logs Source: https://github.com/armurox/loggingredactor/blob/master/README.md Redact values associated with specific dictionary keys like 'email' and 'password' in log messages, including positional arguments. Uses a custom handler and a default mask of 'REDACTED'. ```python import re import logging import loggingredactor from pythonjsonlogger import jsonlogger # This list now contains all the dictioanry keys that will have their values redacted in the logger object redact_keys = ['email', 'password'] # Override the logging handler that you want redacted class RedactStreamHandler(logging.StreamHandler): def __init__(self, *args, **kwargs): logging.StreamHandler.__init__(self, *args, **kwargs) self.addFilter(loggingredactor.RedactingFilter(mask='REDACTED', mask_keys=redact_keys)) root_logger = logging.getLogger() sys_stream = RedactStreamHandler() # Also set the formatter to use json, this is optional and all nested keys will get redacted too sys_stream.setFormatter(jsonlogger.JsonFormatter('%(name)s %(message)s')) root_logger.addHandler(sys_stream) logger = logging.getLogger(__name__) logger.warning("User %(firstname)s with email: %(email)s and password: %(password)s bought some food!", {'firstname': 'Arman', 'email': 'arman_jasuja@yahoo.com', 'password': '1234567'}) # Output: {"name": "__main__", "message": "User Arman with email: REDACTED and password: REDACTED bought some food"} ``` -------------------------------- ### Redact Digits in Logger Messages Source: https://github.com/armurox/loggingredactor/blob/master/README.md Add a filter to a specific logger to redact all digits in its messages using a default mask of 'xx'. ```python import re import logging import loggingredactor # Create a logger logger = logging.getLogger() # Add the redact filter to the logger with your custom filters redact_mask_patterns = [re.compile(r'\d+')] # if no `mask` is passed in, 4 asterisks will be used logger.addFilter(loggingredactor.RedactingFilter(redact_mask_patterns, mask='xx')) logger.warning("This is a test 123...") # Output: This is a test xx... ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.