Apama 10.15.0 | Developing Apama Applications | Protecting Personal Data in Apama Applications | Handling personal data "at rest" in log files | Example log messages containing personal data
 
Example log messages containing personal data
These files include logging performed by the customer's application and by standard Apama connectivity, EPL or IAF plug-ins and the correlator, IAF and dashboard servers themselves.
For example, customer application log statements may contain personal data. It is also important to note that the contents of Apama events are often logged (either in full, or truncated so that only the beginning of the event's fields are displayed) if an error occurs during processing or sending of the event, and data from events or other EPL data structures may be logged as part of error messages.
We provide a small set of indicative log messages as examples to give an idea of the kind of data that may be present. Note that this is for illustrative purposes only. It is not possible to provide an exhaustive list of all possible log messages, and the format of the messages shown below is subject to change at any time and should not be relied upon.
When a client connects directly to the correlator port, the IP addresses and username are logged (note that the username is not authenticated, so should not be relied upon for security purposes; this would be either a system administrator or another machine, not an end user):
2018-05-3014:23:43.950 INFO [30188] - Sender engine_inject
(MY_USERNAME) (0000000000435490) (component ID
6561364086281508704/6561645561258219360) connected from 127.0.0.1:6714
When the HTTP server connectivity plug-in receives a new incoming connection, the IP address and username is logged (authentication and TLS may optionally be enabled, in which case the username can be relied upon):
2018-05-30 14:23:45.257 INFO [29300] -
<connectivity.httpServer.httpServer-instance> Started receiving messages
from host 127.0.0.1
2018-05-30 14:23:45.260 WARN [29300] -
<connectivity.httpServer.httpServer-instance> Authentication failed for
user 'uniqueusername' from host 127.0.0.1.
When an event is sent directly to the correlator and cannot be parsed (perhaps due to an application bug, or an error in the format used by the sender), a message like this will be logged (in log messages like this, all the personal data is in customer-defined fields):
2018-05-30 16:36:58.609 WARN [29308] - Failed to parse the event
"com.acme.MyEvent("private political opinions go here", "1/2/1990",
"My full name", "MY_USERID")" from My Sender Client due to the error:
Unable to find event type com.acme.MyEvent
When a connectivity plug-in fails to transform an incoming message into the form the application is expecting, the message will be logged. The order in which the fields appear is undefined, and it is possible the message will be truncated:
2018-05-30 16:44:47.811 WARN [17644:processing] -
<connectivity.myCodec.myFirstChain> Codec plug-in MyCodec failed to
transform message Message<metadata={"sag.channel"="MyFirstChainChannel",
"sag.type"="MyMessage", "username":""J_BLOGGS"}, payload={"medical
info": "Embarrassing medical info here", "name":"Joe Bloggs",
"username:"J_BLO...}>: java.lang.Exception: Something bad happened
When correlator-integrated JMS receives an invalid incoming message, it may log some or all of the body (which may contain customer-defined personal data), potentially truncated if it is long:
2018-05-30 16:25:37.114 WARN
[11708:JMSReceiver:myConnection-receiver-apama-queue-01] -
1 mapping rule warning(s) while mapping to target event:
test.TestMessage("DOB=1/2/1990","Embarrassing medical info here",
"Joe Bloggs","J_BLO...:
- MappingRule<source="${jms.body.textmessage}",
target="${apamaEvent['str']}", action="xpath", actionResource="/xxx">
- Exception evaluating the xpath "/xxx": org.xml.sax.SAXParseException;
lineNumber: 3; columnNumber: 70; The element type "xxx" must be
terminated by the matching end-tag "</xxx>".
with source JMS message:
Property.USERNAME=J_BLOGGS
---> JMSDestination=Queue<apama-queue-01>
---> Body=<mydata>
---> <val key="date_of_birth">1/1/2018</val>
---> <val key="name">Joe Bloggs</val>
---> <val key="medicalinfo">Embarrassing medical info here</val>
---> <val key="username">J_BLO...