[rsyslog] Query rsyslog

Renukha Sadhu sadhu.renuka at gmail.com
Wed May 3 07:28:16 CEST 2017

Hi all,

Greetings for the day!!

I would like to replace password value with the '******' in rsyslogs so
that it will be hide from other users.


When user log into the application with curl request then the logs should
not keep the password directly.

eg: curl --insecure --request POST --cookie-jar cookie.txt "https://<fully
qualified domain name>/login?IDToken1=<username>&IDToken2=<password>"

we could see the log statement in syslogs as below:

"POST /login?IDToken1=<username>&IDToken2=<password>rd HTTP/1.1" 302 - "-"
"curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/ Basic
ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" -

Is there any mechanism to replace IDToken2 value with "**********"  ?

Could you please help in this.

Renuka S

More information about the rsyslog mailing list