[asterisk-users] Patch to remove numbers from the logs

Dovid Bender dovid at telecurve.com
Thu Jul 22 04:08:22 CDT 2021 

On Wed, Jul 21, 2021 at 8:18 PM Steve Edwards <asterisk.org at sedwards.com>
wrote:

> Please don't top-post.
>
> On Thu, 22 Jul 2021, Patrick Wakano wrote:
>
> > If you need something quick you could create a batch script with sed or
> > awk to remove the log lines you want and attach it to the prerotate
> > script of logrotate (in case you use any of these in your env).
> > Certainly this is not a final solution but it is already something that
> > doesn't depend on an asterisk patch.....
> >
> > On Thu, Jul 8, 2021 at 3:58 PM Dovid Bender <dovid at telecurve.com> wrote:
> >
> > We have a project where people will be making payments over the phone. I
> > would like block Asterisk from logging any time the system is processing
> > a card. So be it SayDigits(123456789), when the user enters DTMF or when
> > I pass a card number as a variable to an AGI etc. I assume this affects
> > others and I would like to have the patch created in a way that a. will
> > be accepted by Sangoma and b. will work for anyone else that has this
> > issue.
>
> I suspect the concern is having credit card numbers anywhere on disk,
> anytime.
>
> Your post suggests an alternative method that may be workable...
>
> rsyslog has a module, 'omprog' -- "This module permits to integrate
> arbitrary external programs into rsyslog's logging"
>
> I've never used it, but the description implies you could configure
> Asterisk to log to syslog, and then use rsyslog+omprog to pipe the
> messages through a script to filter out '16 digit numbers starting with
> 456' or '15 digit numbers starting with 3.'
>
> I thought about that. The issue that I have is say with for example
"Playing 'digits/3.ulaw'" in the logs. It can be a credit card number OR it
could be telling them how much money they are paying. If the latter I want
to keep it. If it's repeating a credit card I don't.


> Way back in the day (before PCI), we used to keep the first 6 digits (the
> BIN) and the last 4 digits and replace the rest with x. We used to call
> the result a 'span.' I have no idea if this is current practice.
>
> --
> Thanks in advance,
> -------------------------------------------------------------------------
> Steve Edwards       sedwards at sedwards.com      Voice: +1-760-468-3867 PST
>              https://www.linkedin.com/in/steve-edwards-4244281--
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>       https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20210722/1b81d452/attachment.html>

More information about the asterisk-users mailing list