In Audit.Net, is it possible to filter request bodies being saved containing sensitive data? This is for Audit.WebAPI.

E.g., there's a JSON request body with {"username": "me", "password": "sensitive"}. Can the password value "sensitive" be replaced by ""?

Richard

1 Answer

You could add a custom action that sanitizes the body string on the audit event.

For example:

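using Audit.Core;    // ActionType
using Audit.WebApi;  // GetWebApiAuditAction()

// Runs when each audit scope is created, before the event is saved.
Audit.Core.Configuration.AddCustomAction(ActionType.OnScopeCreated, scope =>
{
    // Null for events that are not Web API actions.
    var action = scope.GetWebApiAuditAction();
    var bodyString = action?.RequestBody?.Value?.ToString();
    if (!string.IsNullOrEmpty(bodyString))
    {
        // Overwrite the captured body with the sanitized copy.
        action.RequestBody.Value = Sanitize(bodyString);
    }
});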

Using a regular expression:

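using System.Text.RegularExpressions;

// Blanks the value of every "password" property in a JSON string.
// The value is matched as a JSON string literal (escaped quotes included),
// so the match stops at its closing quote and any following comma is kept.
private static string Sanitize(string input)
{
    var pattern = @"(""password""\s*:\s*)""(?:[^""\\]|\\.)*""";
    var substitution = @"$1""""";
    return Regex.Replace(input, pattern, substitution);
}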
thepirat000
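
A JSON-aware alternative to the regular expression in the answer above, as an added example that is not part of the original answer or of Audit.NET. It goes beyond the single "password" case by redacting several property names at any nesting depth; the class name `BodySanitizer`, the key list, and the placeholder text for unparsable bodies are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using System.Text.Json.Nodes;

public static class BodySanitizer
{
    // Assumed list of sensitive property names; adjust to your API.
    private static readonly HashSet<string> SensitiveKeys =
        new(StringComparer.OrdinalIgnoreCase) { "password", "newPassword", "token" };

    public static string Sanitize(string body)
    {
        JsonNode root;
        try
        {
            root = JsonNode.Parse(body);
        }
        catch (JsonException)
        {
            // Fail closed: a body that cannot be parsed cannot be checked,
            // so it is not written to the audit log at all.
            return "[non-JSON body omitted]";
        }

        Redact(root);
        // JsonNode.Parse returns null for the JSON literal null.
        return root?.ToJsonString() ?? "null";
    }

    private static void Redact(JsonNode node)
    {
        if (node is JsonObject obj)
        {
            // Copy the keys first: the object is modified while walking it.
            foreach (var key in obj.Select(p => p.Key).ToList())
            {
                if (SensitiveKeys.Contains(key)) obj[key] = "";
                else Redact(obj[key]);
            }
        }
        else if (node is JsonArray arr)
        {
            foreach (var item in arr) Redact(item);
        }
    }
}
```

To use it, call `BodySanitizer.Sanitize(bodyString)` in the custom action in place of `Sanitize(bodyString)`.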