Forum Discussion

WernerN
Contributor II
7 days ago

Version 9.0 Redacting information in Error Log

Dear Community Members,

Has anyone experienced information in the log being redacted? I found this in the latest documentation.


However, I see no pattern of what is considered sensitive.

I have a data table dump in which the decimal positions are redacted.

I am logging the keys and values of two dictionaries. In both dictionaries the value is an integer. One value is shown while the other value is redacted. Both values come from a text member of a dimension member.
In other cases I am logging the name of the business rule and the name of the function. Sometimes the RULENAME is redacted, sometimes it is not. Which leads me to believe that the logic thinks that the name is sensitive?!

Is this sensitivity controllable, maybe in the app settings on the server? Cause it seems overly sensitive or plainly wrong in determining what is sensitive and what is not.

8 Replies

  • rhankey
    Contributor II

    It will be interesting to hear if there is a config parameter by AppServer, App, or User somewhere to turn this "feature" on/off, or if there is way to toggle it on/off when logging specific output.

    In the meantime, the workaround I have been using to overcome this new "feature" is by formatting numeric values as I'm writing them to the log.  Eg:

    api.LogMessage("DecValue="+DecValue.ToString("N2")+", IntValue="+IntValue.ToString("0"))

  • WernerN
    Contributor II

    Thank you rhankey,
    I thought about converting to string. Did not think about the N2.
    However, the strange behaviour observable is that, and again without a pattern, I also get strings redacted. I write the rule and function names to the log and sometimes the rule name, sometimes the function name is redacted (I have both in a constant).
    And again, thanks for the tip and responding so fast. Let's see what our OneStream friends are saying.

  • JackLacava
    Community Manager

    I hear you, I agree that we went a bit overboard with this feature. It gets triggered in "interesting" cases, like when a string has 8 consecutive zeros... It can be maddening.

    Future releases will likely dial it down a bit.

    • WernerN
      Contributor II

      Thanks Jack,
      The new feature redacts this name of a business rule "WsasDataManagementStep", or this name of a function "LoadMarketLookUpDictionary". English is not my first language, but I cannot find anything wrong with these names and I built 'Clean up words' algorithms before.

      But anyway, I would hope that we get a hotfix quickly as the current feature pretty much renders logging useless. And I have to admit that I find it difficult to believe that one would log anything that is sensitive when I can right click on any cubeview that might show sensitive financial information and export to Excel. Or is Version 9.0 also redacting when exporting to Excel?

      On a side note Jack, great presentation on Dynamic Cubes on Wednesday.   


  • WernerN
    Contributor II

    To add some information so that OS Development can maybe put an option into App Settings to turn this off:

    Trying to evaluate if I am connected from target app to source app.
    1) In the error log trying to show the session ID (even though I don't really need it but just displaying the whole thing):
    Check session state User: xxxx, TimeAuthenticated: 20250623195015, AuthSessionID: [REDACTED], Application: XX_YYYYYYY_9.0
    2) In the message box of my dashboard extender
    Check session state User: xxxx, TimeAuthenticated: 20250623195015, AuthSessionID: d23c1186e28041e2af226a0be74b3ec7, 

    So, at least in a dashboard extender rule I can now convert all my logging to a message box. In other rules I am a bit stuck.

    • rhankey
      Contributor II

      Outputting to the file share also sidesteps the [redacted] messages.

      But agreed, we need a way to turn off this "feature" (not just dial it back), as it makes debugging logic much more difficult.

      It would seem a far better way to handle the redacting would be to write the unredacted message to the ErrorLog, and only apply the redacting to the entire message (not just amounts containing a certain number of zeros) when displaying the log if the user looking at the log is not the owner of the log entry or is not a member of an authorized group.

      • WernerN
        Contributor II

        Awesome, thanks rhankey,
        Outputting to FileShare is an even better solution. I will use that immediately.
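
The design rhankey proposes above (store the message unredacted, then redact the whole entry at display time for viewers who are neither the owner nor in an authorized group), sketched in Python next to a write-time pattern redactor for contrast. This is an added example, not part of the thread and not OneStream code: the pattern is a stand-in modelled only on the "8 consecutive zeros" trigger mentioned above, and `LogEntry`, `Viewer`, `AUTHORIZED_GROUP` and the sample entry are hypothetical.

```python
import re
from dataclasses import dataclass

# Assumption: stand-in for a write-time heuristic, modelled only on the
# "8 consecutive zeros" trigger mentioned in the thread. Not the product's logic.
ZERO_RUN = re.compile(r"[\w.]*0{8}[\w.]*")

def redact_at_write(message: str) -> str:
    """Write-time redaction: the matched token is lost for every reader,
    including the developer debugging the rule."""
    return ZERO_RUN.sub("[REDACTED]", message)

@dataclass(frozen=True)
class LogEntry:
    owner: str    # user whose rule wrote the entry
    message: str  # stored unredacted

@dataclass(frozen=True)
class Viewer:
    name: str
    groups: frozenset = frozenset()

AUTHORIZED_GROUP = "LogReaders"  # hypothetical group name

def render(entry: LogEntry, viewer: Viewer) -> str:
    """View-time redaction: hide the whole message unless the viewer is
    the entry's owner or a member of the authorized group."""
    if viewer.name == entry.owner or AUTHORIZED_GROUP in viewer.groups:
        return entry.message
    return "[REDACTED]"

# Constructed sample data
RAW = "Amount=100000000.00, Rule=LoadLookup"
ENTRY = LogEntry(owner="rule_author", message=RAW)

if __name__ == "__main__":
    print("write-time:", redact_at_write(RAW))
    viewers = (
        Viewer("rule_author"),
        Viewer("ops", frozenset({AUTHORIZED_GROUP})),
        Viewer("guest"),
    )
    for v in viewers:
        print(f"view-time for {v.name}:", render(ENTRY, v))
```

With view-time redaction the stored entry stays intact, so access is decided by who is reading rather than by what the text happens to look like.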