Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dev-bug - remove more sensitive data from the logs #37901

Open
wants to merge 17 commits into
base: master
Choose a base branch
from
+21 −3
Open

dev-bug - remove more sensitive data from the logs #37901

Show file tree
Hide file tree
Changes from 8 commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
78b95e9
dev-bug - remove more sensitive data from the logs
MLainer1 Jan 1, 2025
179966a
Updated list
MLainer1 Jan 2, 2025
2d9b87f
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
97fe9f7
added tests and IDs for the tests
MLainer1 Jan 5, 2025
d92dd2e
fix pre commit
MLainer1 Jan 5, 2025
295ab36
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
e831337
pc
MLainer1 Jan 5, 2025
87ca1be
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 5, 2025
ed5bfe8
cr
MLainer1 Jan 6, 2025
d29b362
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 6, 2025
e254f4e
Merged master into current branch.
Jan 6, 2025
953e2fd
Bump pack from version Base to 1.39.9.
Jan 6, 2025
c123d15
Merge branch 'master' into dev_bug_remove_sensitive_data_from_logs
MLainer1 Jan 6, 2025
7465f23
Merged master into current branch.
Jan 6, 2025
cd285a9
Bump pack from version Base to 1.39.10.
Jan 6, 2025
b3378ee
Merged master into current branch.
Jan 7, 2025
4d0cd18
Bump pack from version Base to 1.39.11.
Jan 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions Packs/Base/ReleaseNotes/1_39_8.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#### Scripts

##### CommonServerPython

- Added more filtering words in the censor_request_logs function
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Added more filtering words in the censor_request_logs function
- Logging improvements.

3 changes: 2 additions & 1 deletion Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8843,7 +8843,8 @@ def censor_request_logs(request_log):
:return: The censored request log
:rtype: ``str``
"""
keywords_to_censor = ['Authorization:', 'Cookie', "Token", "username", "password", "apiKey"]
keywords_to_censor = ['Authorization:', 'Cookie', "Token", "username",
"password", "Key", "identifier", "credential", "client"]
lower_keywords_to_censor = [word.lower() for word in keywords_to_censor]

trimed_request_log = request_log.lstrip(SEND_PREFIX)
Expand Down
14 changes: 13 additions & 1 deletion Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9757,7 +9757,19 @@ def test_create_clickable_test_wrong_text_value():
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\n'",
str("send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\n'")
),
])
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\apiKey: 1234\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\apiKey: <XX_REPLACED>\\r\\n'"
),
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\credentials: {'good':'day'}\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\credentials: <XX_REPLACED>\\r\\n'"
),
(
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\client_name: client\\r\\n'",
"send: b'GET /api/v1/users HTTP/1.1\\r\\nHost: example.com\\r\\client_name: <XX_REPLACED>\\r\\n'"
),],
ids=["Bearer", "Cookie", "Authorization", "Bearer", "No change", "Key", "credential", "client"],)
def test_censor_request_logs(request_log, expected_output):
"""
Given:
Expand Down
2 changes: 1 addition & 1 deletion Packs/Base/pack_metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Base",
"description": "The base pack for Cortex XSOAR.",
"support": "xsoar",
"currentVersion": "1.39.7",
"currentVersion": "1.39.8",
"author": "Cortex XSOAR",
"serverMinVersion": "6.0.0",
"url": "https://www.paloaltonetworks.com/cortex",
Expand Down
Loading