I'm not sure how to use those formatters, but we used logback's "replace"
feature to make sure no credit card numbers are logged for example:
<encoder>
<!-- Example with replacement for secret masking -->
<pattern>%d{HH:mm:ss.SSS} [%16.16thread] %-5level %-30.30logger{30}
\(%X{camel.breadcrumbId}\) -
%replace(%m){'(secret:)[^\s]*','$1--'}%n%xEx</pattern>
</encoder>
Depending on the complexity of masking the regular expression may get
complicated.
This is a lower level solution as it makes sure that sensitive information
is masked even in logs dropped by java code.
On Thu, Jun 28, 2018 at 9:38 PM Darius Cooper <dariuscoo...@gmail.com>
wrote:
> I need to mask certain headers (e.g. Authorization header) at the Camel
> Context level, so that even if a programmer logs "showAll", the header is
> masked.
>
> Reading the Camel docs, I thought I would implement LogListener or
> ExchangeFormatter
> But, looking at this thread, maybe I should extend the
> DefaultMaskingFormatter
>
> Any thoughts in the pros/cons of the three approaches ?
>
