1

I've searched the documentation located in the logback manual for an appender that will encrypt the log messages to a local file. The SSLServerSocketAppender seems to be exactly what I want except for the part that sends the log messages to a remote server. I just want the logs encrypted to a local file using an SSL key. I know I could write my own implementation, but I'd rather reuse an already existing one if possible. So far I haven't been able to find one.

Is there an Appender, or an encoder that could be used in conjunction with a RollingFileAppender, that allows encrypting (with an SSL key) the log messages to the local file system rather than to a remote server?

axiopisty
  • 4,972
  • 8
  • 44
  • 73

1 Answers1

1

First, you have to note that SSL/TLS is not a encryption algorithm. It's a way to secure network connections based on several cryptographic technologies. What you want is a symmetric way (like AES) to crypt your logs, so that they can be decrypted by another tool. Symmetric encryption is just one of the technologies using by SSL/TLS.

But AFAIK, there's no out-of-the-box implementation of such thing in logback.

You would have write a SecureAppender that would crypt messages before delegating real logging to a classic Appender.

Encryption is rather simple to do, see : https://stackoverflow.com/a/13103725/894194

Note that you have to take care of not keeping the secret key and the encrypted logs pn the same server. Encrypted logs would not be very secured if the secret key is available to everyone.

Hope this helps.

Community
  • 1
  • 1
Guillaume Darmont
  • 5,002
  • 1
  • 23
  • 35