2

Looking at the SEQ Serilog documentation and there is documentation on destructuring and creating custom ITextFormatter which seems like the place to start, but I would like to know if and how it would be possible to change the underlying log serialization say to UTF8, UTF32, Unicode, etc.

Possible? Impact to current log raw serialization if it is possible to change it.

I am using Seq 5.1.3004 currently

Nicholas Blumhardt
  • 30,271
  • 4
  • 90
  • 101
Robin Michael
  • 23
  • 1
  • 2
  • 3
  • Hi Robin! I'm not 100% sure how the picture fits together - where are you hitting encoding issues? (I.e. are you seeing incorrectly encoded Unicode somewhere, etc.?) Cheers! – Nicholas Blumhardt Mar 11 '20 at 21:55
  • The question comes from a 3rd party security scanner application. I have tested the logs and when I write XSS tags and injected javascript SEQ is neutralizing the inputs while maintaining the content. I stated and showed the scanner this point, but they are asking if I exported the logs to some of logger the guarantee is no longer there is their worry. So can I effectively guarantee the export format is always neutralized or overwrite the raw stored format is the question. Thanks – Robin Michael Mar 14 '20 at 21:58
  • I think in that case your best bet would be to write a wrapper sink, e.g. `WriteTo.Sanitize(wt => wt.Seq(...))` where the `Sanitize` bit would need to be your own code that uses some kind of logic to identify potential XSS content in messages and property names/values, and performs some kind of dynamic replacement. It's tough to do correctly, though - hence we make very sure that Seq handles displaying of untrusted log data carefully. – Nicholas Blumhardt Mar 15 '20 at 23:56
  • Thanks this is what I will recommend. – Robin Michael Mar 22 '20 at 02:01

0 Answers0