<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jul 21, 2021 at 8:18 PM Steve Edwards <<a href="mailto:asterisk.org@sedwards.com">asterisk.org@sedwards.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Please don't top-post.<br>
<br>
On Thu, 22 Jul 2021, Patrick Wakano wrote:<br>
<br>
> If you need something quick you could create a batch script with sed or <br>
> awk to remove the log lines you want and attach it to the prerotate <br>
> script of logrotate (in case you use any of these in your env). <br>
> Certainly this is not a final solution but it is already something that <br>
> doesn't depend on an asterisk patch.....<br>
> <br>
> On Thu, Jul 8, 2021 at 3:58 PM Dovid Bender <<a href="mailto:dovid@telecurve.com" target="_blank">dovid@telecurve.com</a>> wrote:<br>
> <br>
> We have a project where people will be making payments over the phone. I <br>
> would like block Asterisk from logging any time the system is processing <br>
> a card. So be it SayDigits(123456789), when the user enters DTMF or when <br>
> I pass a card number as a variable to an AGI etc. I assume this affects <br>
> others and I would like to have the patch created in a way that a. will <br>
> be accepted by Sangoma and b. will work for anyone else that has this <br>
> issue.<br>
<br>
I suspect the concern is having credit card numbers anywhere on disk, <br>
anytime.<br>
<br>
Your post suggests an alternative method that may be workable...<br>
<br>
rsyslog has a module, 'omprog' -- "This module permits to integrate <br>
arbitrary external programs into rsyslog's logging"<br>
<br>
I've never used it, but the description implies you could configure <br>
Asterisk to log to syslog, and then use rsyslog+omprog to pipe the <br>
messages through a script to filter out '16 digit numbers starting with <br>
456' or '15 digit numbers starting with 3.'<br>
<br></blockquote><div>I thought about that. The issue that I have is say with for example "Playing 'digits/3.ulaw'" in the logs. It can be a credit card number OR it could be telling them how much money they are paying. If the latter I want to keep it. If it's repeating a credit card I don't.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Way back in the day (before PCI), we used to keep the first 6 digits (the <br>
BIN) and the last 4 digits and replace the rest with x. We used to call <br>
the result a 'span.' I have no idea if this is current practice.<br>
<br>
-- <br>
Thanks in advance,<br>
-------------------------------------------------------------------------<br>
Steve Edwards <a href="mailto:sedwards@sedwards.com" target="_blank">sedwards@sedwards.com</a> Voice: +1-760-468-3867 PST<br>
<a href="https://www.linkedin.com/in/steve-edwards-4244281" rel="noreferrer" target="_blank">https://www.linkedin.com/in/steve-edwards-4244281</a>-- <br>
_____________________________________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" rel="noreferrer" target="_blank">http://www.api-digital.com</a> --<br>
<br>
Check out the new Asterisk community forum at: <a href="https://community.asterisk.org/" rel="noreferrer" target="_blank">https://community.asterisk.org/</a><br>
<br>
New to Asterisk? Start here:<br>
<a href="https://wiki.asterisk.org/wiki/display/AST/Getting+Started" rel="noreferrer" target="_blank">https://wiki.asterisk.org/wiki/display/AST/Getting+Started</a><br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" rel="noreferrer" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a></blockquote></div></div>