ElasticSearch, LogStash and Kibana together create one of the most popular log ingestion and indexing solution. However, the logs being indexed and made available can potentially contain sensitive information such as PII. The talk will explain how to setup masking for such sensitive information(s) present in the logs in LogStash. This would enable any principal who wants to look at the logs to be able to do so while protecting leakage and misuse of sensitive information.
As an example case study, the participants will be shown how to setup filters in LogStash to mask data in the log conditionally based on whether the sensitive field is present in the particluar log entry or not.