许多系统为了安全需要对敏感信息(如手机号、邮箱、姓名、身份证号、密码、卡号、住址等)的日志打印要求脱敏后才能输出,本文将结合个人经历及总结分享一种log4j日志脱敏方式,logback实现日志脱敏请移步
代码地址
https://gitee.com/BlueDriver/code-demo/tree/master/demo/log-sensitive
自定义Layout
import org.apache.logging.log4j.core.Layout;
import org.apache.logging.log4j.core.LogEvent;
import org.apache.logging.log4j.core.config.Node;
import org.apache.logging.log4j.core.config.plugins.Plugin;
import org.apache.logging.log4j.core.config.plugins.PluginAttribute;
import org.apache.logging.log4j.core.config.plugins.PluginElement;
import org.apache.logging.log4j.core.config.plugins.PluginFactory;
import org.apache.logging.log4j.core.layout.AbstractStringLayout;
import org.apache.logging.log4j.core.layout.PatternLayout;
import org.apache.logging.log4j.core.pattern.RegexReplacement;
import java.nio.charset.Charset;
@Plugin(name = "MyPatternLayout", category = Node.CATEGORY, elementType = Layout.ELEMENT_TYPE, printObject = true)
public class MyPatternLayout extends AbstractStringLayout {
private PatternLayout patternLayout;
private Boolean sensitive;
private RegexReplacement[] replaces;
protected MyPatternLayout(Charset charset, String pattern, Boolean sensitive, RegexReplacement[] replaces) {
super(charset);
patternLayout = PatternLayout.newBuilder().withPattern(pattern).build();
this.sensitive = sensitive;
this.replaces = replaces;
}
/**
* 插件构造工厂方法
*
* @param pattern 输出pattern
* @param charset 字符集
* @param sensitive 是否开启脱敏
* @param replaces 脱敏规则
* @return Layout<String>
*/
@PluginFactory
public static Layout<String> createLayout(@PluginAttribute(value = "pattern") final String pattern,
@PluginAttribute(value = "charset", defaultString = "UTF-8") final Charset charset,
@PluginAttribute(value = "sensitive") final Boolean sensitive,
@PluginElement("replace") final RegexReplacement[] replaces) {
return new MyPatternLayout(charset, pattern, sensitive, replaces);
}
@Override
public String toSerializable(LogEvent event) {
// 原日志信息