Details
-
Improvement
-
Status: Resolved
-
Normal
-
Resolution: Fixed
-
None
-
running on linux
Description
if using a third party log aggregator (which many cloud users use), this causes db credentials to be reproduced offsite, which has potential to be security issue. I would prefer the ability to disable the logging of this information while still setting log4j.logger.org.apache.cassandra=DEBUG
example system.log entry:
DEBUG [Native-Transport-Requests:373] 2015-06-21 07:52:44,595 Message.java (line 326) Responding: AUTHENTICATE org.apache.cassandra.auth.PasswordAuthenticator, v=1 DEBUG [Native-Transport-Requests:384] 2015-06-21 07:52:44,597 Message.java (line 319) Received: CREDENTIALS {username=redacted, password=redacted}, v=1