Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dev-bug - remove more sensitive data from the logs #37901

Merged
merged 21 commits into from
Jan 9, 2025
Merged

dev-bug - remove more sensitive data from the logs #37901

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
78b95e9
dev-bug - remove more sensitive data from the logs
MLainer1 Jan 1, 2025
179966a
Updated list
MLainer1 Jan 2, 2025
2d9b87f
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
97fe9f7
added tests and IDs for the tests
MLainer1 Jan 5, 2025
d92dd2e
fix pre commit
MLainer1 Jan 5, 2025
295ab36
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
e831337
pc
MLainer1 Jan 5, 2025
87ca1be
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
ed5bfe8
cr
MLainer1 Jan 6, 2025
d29b362
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 6, 2025
e254f4e
Merged master into current branch.
Jan 6, 2025
953e2fd
Bump pack from version Base to 1.39.9.
Jan 6, 2025
c123d15
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 6, 2025
7465f23
Merged master into current branch.
Jan 6, 2025
cd285a9
Bump pack from version Base to 1.39.10.
Jan 6, 2025
b3378ee
Merged master into current branch.
Jan 7, 2025
4d0cd18
Bump pack from version Base to 1.39.11.
Jan 7, 2025
fc36bdb
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 8, 2025
b9fe9bf
Merged master into current branch.
Jan 8, 2025
a61127f
Bump pack from version Base to 1.39.12.
Jan 8, 2025
7f3e82d
added JWT
MLainer1 Jan 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions Packs/Base/ReleaseNotes/1_39_12.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#### Scripts

##### CommonServerPython

- Logging improvements.
7 changes: 4 additions & 3 deletions Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8843,7 +8843,8 @@ def censor_request_logs(request_log):
:return: The censored request log
:rtype: ``str``
"""
keywords_to_censor = ['Authorization:', 'Cookie', "Token", "username", "password", "apiKey"]
keywords_to_censor = ['Authorization:', 'Cookie', "Token", "username",
"password", "Key", "identifier", "credential", "client"]
lower_keywords_to_censor = [word.lower() for word in keywords_to_censor]

trimed_request_log = request_log.lstrip(SEND_PREFIX)
Expand All @@ -8855,8 +8856,8 @@ def censor_request_logs(request_log):
if any(keyword in word.lower() for keyword in lower_keywords_to_censor):
next_word = request_log_lst[i + 1] if i + 1 < len(request_log_lst) else None
if next_word:
# If the next word is "Bearer" or "Basic" then we replace the word after it since thats the token
if next_word.lower() in ["bearer", "basic"] and i + 2 < len(request_log_lst):
# If the next word is "Bearer", "JWT" or "Basic" then we replace the word after it since thats the token
if next_word.lower() in ["bearer", "jwt", "basic"] and i + 2 < len(request_log_lst):
request_log_lst[i + 2] = MASK
elif request_log_lst[i + 1].endswith("}'"):
request_log_lst[i + 1] = "\"{}\"}}'".format(MASK)
Expand Down
18 changes: 17 additions & 1 deletion Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9753,11 +9753,27 @@ def test_create_clickable_test_wrong_text_value():
"GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\nAuthorization: Bearer token123\\r\\n",
"GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\nAuthorization: Bearer <XX_REPLACED>\\r\\n"
),
(
"GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\nAuthorization: JWT token123\\r\\n",
"GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\nAuthorization: JWT <XX_REPLACED>\\r\\n"
),
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\n'",
str("send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\n'")
),
])
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\apiKey: 1234\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\apiKey: <XX_REPLACED>\\r\\n'"
),
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\credentials: {'good':'day'}\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\credentials: <XX_REPLACED>\\r\\n'"
),
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\client_name: client\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\client_name: <XX_REPLACED>\\r\\n'"
),],
ids=["Bearer", "Cookie", "Authorization", "Bearer", "JWT", "No change", "Key", "credential", "client"],)
def test_censor_request_logs(request_log, expected_output):
"""
Given:
Expand Down
2 changes: 1 addition & 1 deletion Packs/Base/pack_metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Base",
"description": "The base pack for Cortex XSOAR.",
"support": "xsoar",
"currentVersion": "1.39.11",
"currentVersion": "1.39.12",
"author": "Cortex XSOAR",
"serverMinVersion": "6.0.0",
"url": "https://www.paloaltonetworks.com/cortex",
Expand Down
Loading