Keep Your logs safe!
This formatter ensures the security of your logs and prevents sensitive data leaks.
For example -
Using this Formatter will print this line:
logger.info(f'Dont Give Your {secrets} away')
like this:
Dont Give Your ****** away
This formatter utilizes the standard logging.Formatter
module.
Before printing each record to any destination (file, stdout, etc.), it ensures sensitive data is masked with asterisks to prevent leaks.
pip install maskerlogger
Like any formatter - just init your logger handler with the MaskerLogger formatter.
from maskerlogger import MaskerFormatter
logger = logging.getLogger('logger')
logger.setLevel(logging.DEBUG)
handler = logging.StreamHandler()
handler.setFormatter(
MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s"))
logger.addHandler(handler)
If, for some reason, you want to disable masking on a specific log line, use the SKIP_MASK
mechanism.
from masker_formatter import MaskerFormatter, SKIP_MASK
...
...
logger.info('Line you want to skip', extra=SKIP_MASK)
Here’s a rewritten version suitable for inclusion in a README.md file:
If you prefer to mask only a portion of a secret (rather than its entire length), you can set the redact
parameter in the formatter. The redact
parameter specifies the percentage of the secret to be masked.
Here’s an example of how to use it:
handler.setFormatter(
MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s",
redact=30))
In this example, 30% of the secret will be masked. Adjust the redact
value as needed to suit your requirements.
Here's where the magic happens!
Our tool is built upon the powerful Gitleaks tool,
leveraging its default configuration to scan for sensitive data leaks in repositories.
You can find the default configuration here
To create and use your own config file, set the path when initializing the formatter:
handler.setFormatter(
MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s",
regex_config_path="your/config/gitleaks.toml"))
Good luck!