close

Filter

Elastic Social Manual / Version 2104

Table Of Contents

3.2.7 Logging

CoreMedia Elastic Social controls and processes personal data. Thus it is important to deal carefully with data logged by applications having Elastic Social enabled. In general it is advisable to turn off any debug logging and below as debug logging events might contain further personal data.

SLF4j Logging Markers

Logging events containing personal data or which might contain personal data are marked with so called SLF4j Logging Markers. There are two markers in BaseMarker dedicated to mark personal data logging events:

PERSONAL_DATA ("personalData")
Marks any logging event revealing personal data
UNCLASSIFIED_PERSONAL_DATA ("unclassified PersonalData")
Marks any logging event possibly revealing personal data. One example are logged exception stacktraces which are raised by third-party libraries where you have no control if any of your personal data you handed over to the library will be mentioned in the exception message. You should expect many false-positives in unclassified personal data logging events.
Logback Marker Filters

The SLF4j Logging Markers can be used to configure Logback, so that logging events containing personal data can either be ignored or redirected to dedicated files which for example are better secured. To do so, configure Logback Filters.

<appender
    name="personalData"
    class="ch.qos.logback.core.rolling.RollingFileAppender"
    additivity="false">
  <filter
      class="ch.qos.logback.core.filter.EvaluatorFilter">
    <evaluator
        class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
      <marker>personalData</marker>
    </evaluator>
    <OnMismatch>DENY</OnMismatch>
    <OnMatch>ACCEPT</OnMatch>
  </filter>
  <file>personalData.log</file>
  [...]
</appender>

    

Example 3.1. Logback Filtering using OnMarkerEvaluator


Example 3.1, “Logback Filtering using OnMarkerEvaluator” shows an example which will redirect any personal data logging events to an extra file and remove it from other files. This includes events which contain personal data and those which might contain personal data (unclassified).

<appender
    name="personalData"
    class="ch.qos.logback.core.rolling.RollingFileAppender"
    additivity="false">
  <filter
      class="ch.qos.logback.core.filter.EvaluatorFilter">
    <evaluator>
      <expression><![CDATA[
        return marker != null
          && marker.contains("personalData")
          && !marker.contains("unclassifiedPersonalData")
        ;
        ]]></expression>
    </evaluator>
    <OnMismatch>DENY</OnMismatch>
    <OnMatch>ACCEPT</OnMatch>
  </filter>
  <file>personalData.log</file>
  [...]
</appender>

    

Example 3.2. Logback Filtering using JaninoEventEvaluator (default evaluator)


The Logback default evaluator provides more sophisticated control right within the logging configuration without providing a custom evaluator. Example 3.2, “Logback Filtering using JaninoEventEvaluator (default evaluator)” shows an example how to only filter those events which really contain personal data and ignore those which might contain false positives.

Identifying Elastic Social Applications

In order to adjust the logging configuration for Elastic Social it is important to know which applications have Elastic Social enabled. To identify these applications you can search for transitive dependencies on any of the Elastic Social modules with Maven groupId com.coremedia.elastic.social. Example 3.3, “Elastic Social Applications Search” shows how you might find such usages based on GNU Grep and xargs.

$ grep --recursive --files-with-matches --ignore-case \
    --include "pom.xml" "<packaging>war</packaging>" | \
    xargs --replace \
        mvn --file {} dependency:tree \
            -Dincludes="com.coremedia.elastic.social*::jar"
            -DoutputFile=$TMP/elastic-social-applications.txt \
            -DappendOutput=true

    

Example 3.3. Elastic Social Applications Search


In default CoreMedia Blueprint the following applications use Elastic Social:

  • cae
  • es-worker-component
  • studio-client
  • studio-server

For details on application logging configuration see:

Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.