You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Nightfall filter scans logs for sensitive data and redacts the sensitive portions. This filter supports scanning for
4
-
various sensitive information, ranging from API keys and personally identifiable information(PII) to custom regexes you
5
-
define. You can configure what to scan for in the [Nightfall Dashboard](https://app.nightfall.ai).
3
+
The _Nightfall_ filter scans logs for sensitive data and redacts any sensitive
4
+
portions. This filter supports scanning for various sensitive information, ranging
5
+
from API keys and Personally Identifiable Information (PII) to custom regular
6
+
expressions you define. You can configure what to scan for in the
7
+
[Nightfall Dashboard](https://app.nightfall.ai).
6
8
7
-
> This filter is not enabled by default in 1.9.0 due to a typo. It must be enabled by setting flag ```-DFLB_FILTER_NIGHTFALL=ON``` when building. In 1.9.1 and above this is fixed.
8
-
## Configuration Parameters
9
+
This filter isn't enabled by default in version 1.9.0 due to a typo. To enable it,
10
+
set the flag ```-DFLB_FILTER_NIGHTFALL=ON``` when building. This is fixed for
11
+
versions 1.9.1 and later.
12
+
13
+
## Configuration parameters
9
14
10
15
The plugin supports the following configuration parameters:
11
16
12
17
| Key | Description | Default |
13
18
| :--- | :--- | :--- |
14
-
| nightfall\_api_key | The Nightfall API key to scan your logs with, obtainable from the [Nightfall Dashboard](https://app.nightfall.ai)||
15
-
| policy\_id | The Nightfall dev platform policy to scan your logs with, configurable in the [Nightfall Dashboard](https://app.nightfall.ai/developer-platform/policies). ||
16
-
| sampling\_rate | The rate controlling how much of your logs you wish to be scanned, must be a float between (0,1]. 1 means all logs will be scanned. Useful for avoiding rate limits in conjunction with Fluent Bit's match rule.| 1 |
17
-
| tls.debug | Debug level between 0 (nothing) and 4 (every detail). | 0 |
18
-
| tls.verify | When enabled, turns on certificate validation when connecting to the Nightfall API. | true |
19
-
| tls.ca_path | Absolute path to root certificates, required if tls.verify is true. ||
20
-
21
-
### Command Line
19
+
|`nightfall_api_key`| The Nightfall API key to scan your logs with, obtainable from the [Nightfall Dashboard](https://app.nightfall.ai)|_none_|
20
+
|`policy_id`| The Nightfall developer platform policy to scan your logs with, configurable in the [Nightfall Dashboard](https://app.nightfall.ai/developer-platform/policies). |_none_|
21
+
|`sampling_rate`| The rate controlling how much of your logs you wish to be scanned. Must be a float between `(0,1]`. `1` means all logs will be scanned. Use this setting to avoid rate limits in conjunction with Fluent Bit match rules.|`1`|
22
+
|`tls.debug`| Debug level between `0` (nothing) and `4` (every detail). |`0`|
23
+
|`tls.verify`| When enabled, turns on certificate validation when connecting to the Nightfall API. |`true`|
24
+
|`tls.ca_path`| Absolute path to root certificates, required if `tls.verify` is true. |_none_|
[0] app.log: [1644464790.280412000, {"A"=>"there is nothing sensitive here", "B"=>[{"A"=>"my credit card number is *******************"}, {"A"=>"*********** is my social security."}], "C"=>false, "D"=>"key ********************"}]
[0] app.log: [1644464790.280412000, {"A"=>"there is nothing sensitive here", "B"=>[{"A"=>"my credit card number is *******************"}, {"A"=>"*********** is my social security."}], "C"=>false, "D"=>"key ********************"}]
0 commit comments