I'm working on a Spring Boot project which should mask out sensitive data in the logging output. The approach I'm using is to specify a replacement in the application.properties with the configuration key "logging.pattern.console", like this:
logging.pattern.console=%replace(%msg){'password=.*', 'password=xxx'}%n
Now the challenge is, there are more than one keywords whose values are to be replaced, for example, "credit_card_number=", "ccv=", "ssn=", etc. etc. These key-value pairs come in HTTP GET requests like this:
https://blahblah.com/blah/somenoun?user=lisa&password=secret&credit_card_number=1111111111111111
Occurrences of the keywords are arbitrary, with no particular order, and they do not always appear in the requests.
My question is: how to write the regular expression in the "replace" parameter body, so that info prefixed with specified keywords are detected and masked? Is this even possible in one regular expression? If not possible, any other intrusive way to do this in a Spring Boot application?
Any help will be highly appreciated!
