Enable hooks to transform Msg about zerolog HOT 10 CLOSED

@rs would you have any advice for us? Our company is facing a similar issue, and a middleware sanitizer would be ideal. If you have some pointers, our team can do some digging and share a solution once we discover one.

from zerolog.

@shettyh you are correct, I misread your question.

Here's what chat gpt thinks about this: https://chat.openai.com/share/c177c6e9-78d8-4bfd-89c6-c20f9daf0c17

Looks like a custom writer interface could be an option?

from zerolog.

By message your mean the message field or the while line?

from zerolog.

@rs just the message. i realize it's not foolproof and devs can still leak sensitive stuff via Str(), Int() etc, but it's a start.

from zerolog.

EDIT: just realized with the way zerolog works, it'll actually create 2 "message" keys since there isn't any dedupe functionality. So... my guess is this still won't work.

@worrel I just stumbled across this. I am also am looking to mutate the message on log. I've come up with the following below, but I'm not sure if this would be considered a "bad practice or not. Specifically whether or not a hook should be editing the "message" key on the logger.

// Create the hook:
type FilterSensitiveMsgDataHook struct{}

func (h FilterSensitiveMsgDataHook) Run(e *zerolog.Event, level zerolog.Level, msg string) {
	e.Str("message", filterSensitiveMsgData(msg))
}

func filterSensitiveMsgData(msg string) string {
	var filteredMsg string
	/* filter data in msg text */
	return filteredMsg
}

from zerolog.

The possibility to retrieve event's keys to sanitize values would be nice to have too.

from zerolog.

My workaround was to use a custom MarshalZerologObject for my type:

type Config struct {
    Username string
    Password string
}

func (c Config) MarshalZerologObject(e *zerolog.Event) {
	// Define a type identical to Config that isn't a LogObjectMarshaler to trick Event.Interface()
	type T Config
	var t T = (T)(c)

	t.Password = "REDACTED"

	e.Interface("config", t)
}

But this requires that you call .EmbedObject(). I couldn't think of a way to let the code at the log point to specify the key. In my case that's not a problem.

from zerolog.

Have a similar requirement to scrub PII data from event before logging, any useful solutions for this ?

from zerolog.

@shettyh we solved it by adding a custom hook:

// See https://github.com/rs/zerolog/pull/559/files
// and https://github.com/rs/zerolog#contextcontext-integration
type PiiHook struct{}

func (h PiiHook) Run(e *zerolog.Event, level zerolog.Level, msg string) {
	ctx := e.GetCtx()

	//  Implement me: massage 'msg' string and scrub PII patterns
}

When you construct the zerolog instance, register the hook:

return zerolog.New(output).With().Timestamp().Logger().Hook(PiiHook{})

You'll need to adapt the logic of your hook, but this function will run on every logger call.

from zerolog.

Thanks @issmirnov for the quick response, but with the hook there is no way to look at all the keys already added to event right ?. Only message can be checked AFAIK, ideally i would like to look at all the key/values in event and also message

from zerolog.