-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option to redact sensitive information from public facing error messages #10378
Comments
Hi! I don't think there's currently a way to influence what is displayed there. As much as I dislike global switches, I'm equally reluctant to remove all information from the error messages because that makes it extremely difficult to debug issues. (If so, I'd probably move this into the server repository for a fix later) Thanks! |
Maybe some sort of default error page would be awesome, else a checkbox to suppress error information is also a cool solution. |
Thanks! I'll bring it up with some folks to see what we can do here. |
Hi @kroepke! Is there any progress with it? |
Hi people,
We are using Graylog in our internal applications also when we aggregate or container logs. Recently we had a pentest and they came up with the exact issue that the internal server errors are giving too much information.
For example if you go to our logging service like https//logging.example.com/%%2e, it throws an error like the following,
There were a discussion in this link from 2018 but there were no concrete solutions. Is there a way to solve this kind of a problem?
The text was updated successfully, but these errors were encountered: