Hello Loggers! I was playing around with the latest 3.4.1 release and created two rewrite configuration blocks to mask and hash credit card numbers in log messages. I think it would be a good idea to add these config blocks to SCL so anyone could use it latter easily. These are fairly simple two blocks: block rewrite hash_cc(value("MESSAGE")) { subst( "(?P<1>:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})", "$(sha1 --length 16 $1)", value(`value`), flags(global, store-matches), type(pcre)); }; block rewrite mask_cc(value("MESSAGE")) { subst( "(?P<1>:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})", "$(substr $1 0 6)******$(substr $1 -4 4)" value(`value`), flags(global, store-matches), type(pcre)); }; You can use it in your rewrite statements easily: log { source(s_local); rewrite { mask_cc(); }; #rewrite { hash_cc(value(".sdata.my-cc")); }; destination(d_local); }; And it turns a message like this: Transaction approved; checkout-id='46255763', amount='38.43', cc='5542043004559005' Into this, in case of masking: Transaction approved; checkout-id='46255763', amount='38.43', cc='554204******9005' And in case of hashing: Transaction approved; checkout-id='46255763', amount='38.43', cc='986d97fc95435b22' For anyone interested in more details on credit card number masking/hashing/tokenization I also wrote a blogpost about this: http://marci.blogs.balabit.com/2013/02/masking-credit-card-numbers-in-log-me... The regexps could be enhanced further, but I guess it is good for a start. Bazsi, Algernon could you please add this to SCL? Sorry, I was lazy to generate a git pull request. :( Happy Masking! cheers, Marton