Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Automatic obfuscation/scrubbing of commonly sensitive metadata #2466

Closed
flands opened this issue Feb 11, 2021 · 4 comments
Closed

Automatic obfuscation/scrubbing of commonly sensitive metadata #2466

flands opened this issue Feb 11, 2021 · 4 comments

Comments

@flands
Copy link
Contributor

flands commented Feb 11, 2021

Is your feature request related to a problem? Please describe.
Sensitive data can exist in telemetry data. For example, the db.statement attribute in spans is often deemed as sensitive data. The collector offers ways to address sensitive data (e.g. the attributes processor), but configuration today is manual.

Describe the solution you'd like
It would be desirable for the collector to offer automatic obfuscation/scrubbing automatically for known sensitive metadata. This would eliminate user error, minimize the likelihood of known sensitive data from being exposed and lower the barrier to entry (i.e. domain expertise to know what is sensitive data and how to handle it in the collector).

Describe alternatives you've considered
Continue doing this manually and/or improving documentation

Additional context
One could argue this is dependent on #886 but depends on implementation.

@gramidt
Copy link
Member

gramidt commented Feb 12, 2021

Excellent recommendation and love the idea of privacy-by-default. Should we start with compiling a list of attributes that are likely sensitive?

@flands
Copy link
Contributor Author

flands commented Feb 21, 2021

Yes -- though unclear the best way to do this. Database queries and URLs come to mind right away. Normalization will also exist in OTel instrumentation libraries at least long term.

@vishalj82
Copy link

vishalj82 commented Mar 3, 2022

Would it be ideal to introduce a new processor, which would have a default config, which could be overridden through the config file. We could have used attributes processor, however It would be more useful if it supports regex(or some expressions) to specify what we want to filter/scrub.

hughesjj added a commit to hughesjj/opentelemetry-collector that referenced this issue Apr 27, 2023
@github-actions github-actions bot added the Stale label Mar 3, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Apr 2, 2024
@BradErz
Copy link

BradErz commented Jun 28, 2024

I want to point out that this issue is linked in the security-best-practices document but it is currently marked as closed:
https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#scrubbing-sensitive-data

I consider this quite important for traces and logs, as it's very easy to put the wrong thing in them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants