dom
/
telegraf
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

postgresql_extensible: Censor also other security related conn params 

While these aren't quite as sensitive as passwords, they do tend to be
long filesystem paths that shouldn't be reported along with
every measurement.
This commit is contained in:
Hannu Valtonen 2016-04-24 00:40:10 +03:00 committed by Cameron Sparr
parent c159460b2c
commit 01b01c5969
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/inputs/postgresql_extensible/postgresql_extensible.go
View File

@ -184,7 +184,7 @@ type scanner interface {
Scan(dest ...interface{}) error
}
var passwordKVMatcher, _ = regexp.Compile("password=\\S+ ?")
var KVMatcher, _ = regexp.Compile("(password|sslcert|sslkey|sslmode|sslrootcert)=\\S+ ?")
func (p *Postgresql) SanitizedAddress() (_ string, err error) {
var canonicalizedAddress string
@ -196,7 +196,7 @@ func (p *Postgresql) SanitizedAddress() (_ string, err error) {
} else {
canonicalizedAddress = p.Address
}
p.sanitizedAddress = passwordKVMatcher.ReplaceAllString(canonicalizedAddress, "")
p.sanitizedAddress = KVMatcher.ReplaceAllString(canonicalizedAddress, "")
return p.sanitizedAddress, err
}