HEX
Server: nginx/1.18.0
System: Linux proba.drlaca.appboxes.co 6.1.0-28-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.119-1 (2024-11-22) x86_64
User: appbox (1000)
PHP: 7.4.3-4ubuntu2.29
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /usr/share/syslog-ng/include/scl/rewrite/
Upload Files
File: //usr/share/syslog-ng/include/scl/rewrite/cc-mask.conf
#############################################################################
# Copyright (c) 2013 Balabit
# Copyright (c) 2013 Márton Illés <marci@balabit.com>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 as published
# by the Free Software Foundation, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
#
# As an additional exemption you are allowed to compile & link against the
# OpenSSL libraries as published by the OpenSSL project. See the file
# COPYING for details.
#
#############################################################################
#
# The rewrite rules below can be used to mask out or hash credit card
# numbers in log messages.
#
# Their usage is simple:
#
# log {
#  source (s_local);
#  rewrite { credit-card-hash(); }; # or credit-card-mask();
#  destination (d_local);
# };
#
# For more information about the topic, see the following blog post:
#  http://marci.blogs.balabit.com/2013/02/masking-credit-card-numbers-in-log-messages-with-syslog-ng/
#
# A notable difference compared to the blog post, is that the hash_cc
# rule is called credit-card-hash and mask_cc is credit-card-mask.

@define balabit.credit-card-regexp "(:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})"

block rewrite credit-card-hash(value("MESSAGE"))
{
        subst("`balabit.credit-card-regexp`",
              "$(sha1 --length 16 $1)",
              value(`value`),
              flags(global, store-matches),
              type(pcre));
};

block rewrite credit-card-mask(value("MESSAGE"))
{
        subst("`balabit.credit-card-regexp`",
              "$(substr $1 0 6)******$(substr $1 -4 4)"
              value(`value`),
              flags(global, store-matches),
              type(pcre));
};
@ Telegram