[syslog-ng] [PATCH] tfhash: New template function to calculate the SHA1 of its input
Peter Gyongyosi
gyp at balabit.hu
Fri Aug 3 19:29:13 CEST 2012
tfhash: New template function to calculate the SHA1 of its input
This patch adds a new template function called $(hash) which can be used
to calculate the SHA1 hash of its inputs. As it uses the SHA1() function
from
OpenSSL, it is only available if syslog-ng is compiled using --enable-ssl.
One use case for it can be when you'd like to anonymize sensitive parts
of the
log message (eg. the user name) you parsed out using patterndb before
storing
or forwarding it for further analysis but would like to retain the
ability to
correlate messages along this value. Beware though that such simple
anonymization
can be broken if there's enough data available, see
http://arxiv.org/pdf/cs/0610105v2.pdf for references and examples.
Thanks for the original idea to Martin Grauel.
Signed-off-by: Peter Gyongyosi <gyp at balabit.hu>
---
[see the patch itself at
https://github.com/gyp/syslog-ng-3.4/commit/5c6e97d94694eef2aa76fa61a1c8928269f781ff
]
<https://github.com/gyp/syslog-ng-3.4/commit/5c6e97d94694eef2aa76fa61a1c8928269f781ff>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20120803/c7b65347/attachment.htm
More information about the syslog-ng
mailing list