[Heartbeat] redact authorization headers from logger #26892
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vigneshshanmugam
added
bug
Team:obs-ds-hosted-services
botelastic
bot
added
needs_team
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
|
/test |
urso
reviewed
Jul 15, 2021
| @@ -27,13 +29,14 @@ var maskList = MakeStringSet( | |||
| "urls", | |||
| "host", | |||
| "hosts", | |||
| "authorization", | |||
There was a problem hiding this comment.
Let's add proxy-authorization as well. We have a few inputs (including heartbeat) that allow users to configure proxies.
urso
approved these changes
Jul 16, 2021
|
Thank you! Please backport to 7.x, 7.14, and 7.13 branches. |
vigneshshanmugam
added
backport-v7.13.0
mergify bot
pushed a commit
that referenced
this pull request
Jul 16, 2021
* [Heartbeat] redact authorization headers from logger * add proxy-auth headers to the list (cherry picked from commit 3598bd8)
mergify bot
pushed a commit
that referenced
this pull request
Jul 16, 2021
* [Heartbeat] redact authorization headers from logger * add proxy-auth headers to the list (cherry picked from commit 3598bd8)
mergify bot
pushed a commit
that referenced
this pull request
Jul 16, 2021
* [Heartbeat] redact authorization headers from logger * add proxy-auth headers to the list (cherry picked from commit 3598bd8)
vigneshshanmugam
added a commit
that referenced
this pull request
Jul 16, 2021
vigneshshanmugam
added a commit
that referenced
this pull request
Jul 16, 2021
vigneshshanmugam
added a commit
that referenced
this pull request
Jul 17, 2021
mdelapenya
added a commit
to mdelapenya/beats
that referenced
this pull request
Jul 19, 2021
* master: (61 commits) Add disk queue unit tests based on the queuetest package [Heartbeat] redact authorization headers from logger (elastic#26892) Expose custom process metrics (elastic#26912) [gcp/billing] always quote table name identifier (elastic#26870) Add Beats central management removal to BCs (elastic#26400) Add custom suffix to identifiers in filestream input when needed (elastic#26669) Update asa-ftd-pipeline.yml (elastic#26265) Use common host parser in vsphere module (elastic#26904) [automation] Update go release version 1.16.6 (elastic#26860) Skip flaky test: filestream and harvester group (elastic#26728) [Filebeat] Remove alias fields from Suricata and Traefik module mappings (elastic#26627) docs: apm-server.auth (elastic#26831) [Automation] Update elastic stack version to 8.0.0-2f008f4a for testing (elastic#26881) Clarify the scope of start/end multiline example (elastic#26786) [Heartbeat]: update Node.js version for synthetics (elastic#26867) [fix][httpjson] Fix incorrect key for template data (elastic#26848) [httpjson] Add value_type parameter to httpjson transforms (elastic#26847) [Heartbeat]: capture error from journey/end events (elastic#26781) [Winlogbeat] Fixes for wineventlog experimental api (elastic#26826) Set agent.id to Fleet Agent ID for each metric/log monitoring input (elastic#26776) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
auth) in this case.authorizationheaders by adding them to the logger and also makes sure we capture both lowercase and uppercase strings as both are allowed for HTTP header checks. Added tests for the sameHeartbeat logs after this PR