Hi, Flume has built in functionality to log out data flowing through mainly for debugging purposes. This functionality appears in several places of the codebase. I think such functionality rise security concerns in production environments where sensitive information might be ingested so it is crucial that enabling such functionality has to be as explicit as possible (avoid implicit side effect setup). Eg: setting the level of root logger to debug/trace cause that every other logger will start logging at debug/trace including the ones logging raw data.
Options to solve this issue: 1) command line option to enable data logging 2) configuration property to enable data logging globally 3) implementing a single concept which is solely responsible for logging ie a single LoggerSink (which already exists) or Interceptor 4) introduction of a new named logger instance which is configured OFF in log4j config 5) any other idea is welcomed Considering the pros and cons of the usage and implementation I would vote for 4) but I require your opinion. I'm going to open a jira to tackle this work (please let me know if there are some important fields I have to set considering 1.7 release). Cheers, Attila
