Removing Personally Identifiable Information from the Server Log
The Integration Server server log contains information about operations and errors that occur on Integration Server. The amount of data that Integration Server and other layered products write to the server log depends on the logging levels in use.
At a minimum, Integration Server rotates the server log daily, but the server log can be configured to rotate based on size, resulting in multiple logs for a single day. When Integration Server rotates the server.log file, Integration Server renames the current log to use the archive file name and starts a new server.log file. The archive file name uses the format server.log_yyyyMMdd_HHmmssSSSZ, where yyyyMMdd_HHmmssSSSZ is the date and time the log file was created. Integration Server stores the server log and the server log archive files in the same directory.
The default name and location of the server log is: Software AG_directory \ Integration Server_directory \instances\instance_name\logs\server.log
The following table identifies the type of user data that might be written to the server.log, how to find it, and how to remove it.
Data | How to find and remove |
User name | Use a text editor to perform a search and replace for the user name in the server.log or the archive files. For example, you could search the server.log files for the user name and replace the user name with an anonymous string or a blank string. |
Client IP Address | Integration Server rarely includes the client IP address in a server log message. To locate these messages, use a text editor to search the server log files for messages with the following message IDs and then remove or replace the client IP address in the messages. ISS.0053.0002C ISS.0053.0012C ISS.0053.0017C ISS.0138.0505E ISC.0037.0013D ISC.0064.0014T ISC.0064.0015T ISC.0064.0020T ISC.0064.0021T ISC.0064.0029T |
Email address | Integration Server rarely includes email addresses in server.log messages. Use a text editor to perform a search and replace for the email address in the server.log or the archive files Integration Server logs the email address of the administrator for the message with the following message ID: ISC.0063.0070D |
Note:
When running a Docker image of Integration Server in a Docker container, Integration Server writes the server log to the console as well as to the server.log file. You may need to edit log files generated by the logging driver used with Docker. For example, the json-file logging driver, which is the default logging driver for Docker, captures everything written to STDOUT and writes it to a JSON file. The JSON log file may be rotated. When the Docker container is destroyed, the JSON log files are removed. As a result, you might not need to remove identifying user data from the JSON log files. If, however, you used Docker volumes to persist configuration and log files to a mounted directory on the host file system, you may need to clean the externalized log files as described above.