Micah Anderson wrote:
Hello,
A couple years ago this patch was submitted to the list for consideration for inclusion into syslog-ng. I am writing this email again to request that it be considered again. The patch provides a simple replace which enables you to strip out IP addresses from your logs before they are written to disk. The patch has been included in the Debian stable distribution, and currently is included in both Debian Sid and Lenny (unstable and testing). It has had a very wide testing base and is non-intrusive, it has existed since 2004 and has been adapted to work with the newer syslog-ng. The goal of this patch is to give an organization the means to implement site logging policies, by allowing for easy control over exactly what data is retained in the logfiles.
When I first requested consideration for inclusion the reactions were some suggestions for improvement (which were done), some side discussions about the various states of data retention laws, and a general agreement that this patch is non-intrusive and had a valid use case (at least in the U.S., but also likely in other countries as well[0]).
I don't want to imply that this patch is in any way undesirable. On the contrary I think that it is very useful, however, the same result can be obtained by the general message rewrite facility that has already been proposed. I would rather have the authors work on the general message rewrite engine so that we can have a code base that meets more needs, rather than specific needs. Perhaps your patch is a good example of how to implement message rewriting and could be a starting point for the author (I have not looked at any of the code, so I can't comment on this aspect). Just my $0.02 -- Evan Rempel