This repository has been archived by the owner on Apr 13, 2020. It is now read-only.
Liveness checkers logs connection string #107
Comments
|
Had to disable all logging from BeatPulse namespace because of this. Please fix. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Some of the liveness checkers, such as SqlServer, MySql, NpgSql and other database checkers, log their connection string in the
IsHealthymethod.This is a bit unfortunate, since it contains the password to the database, which is not always something you want in your logs.
It is possible to prevent this by changing the log level for the BeatPulse namespace in the application, but this can also be a bit challenging because the log level used to log the connection string is different across the various checkers. See #106 for more info on this.
Some of the checkers (such as SqlServer) log the connection string as
Warningwhen it fails, so to prevent that you would essentially have to disable all logging from BeatPulse above theErrorlevel.Do you have any other suggestions on how to prevent logging the connection string password when running these checkers?
My suggestion would be to not log the connection string at all. I can see why it might be useful for some users, but I prefer security over convenience in this case.
The text was updated successfully, but these errors were encountered: