Mask sensitive data in ASM

Question

Hi all,&nbsp;from theASMmodule, I canmask some data(such as passwords)inlogsthataresenttoanexternalsyslog?&nbsp;
&nbsp;Thanks
&nbsp;m&nbsp;

mike_maher · Answer

Depending on what version of the software you are running, when you create a parameter there is a check box to mark it as a sensitive parameter and that will hide the value in the logs&nbsp;

hooleylist · Answer

Hi Mauro, 
&nbsp;  
&nbsp; Are these parameters in the HTTP request URI or payload that you want to mask?  If so, have you configured them as sensitive parameters in the policy?  I'm not sure whether ASM supports masking sensitive data outside of parameters though. 
&nbsp;  
&nbsp; Aaron

mauro_59211 · Answer

Thanks for your answers, 
&nbsp; Use this release: 
&nbsp; BIG-IP 10.2.1 Build 297.0 Final, 
&nbsp; the parameter are in payload. 
&nbsp;  
&nbsp; I thought the field was reported only sensitive to the responses of the web server to the client, and not to the logs, but I read now in the online web help that is also working on the logs :-) I  try now its, thanks 
&nbsp; mauro

Forum Discussion

Mask sensitive data in ASM

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

irule or ASM Dataguard to mask sensitive data.

Response port masking

Lightboard Lessons: OWASP Top 10 - Sensitive Data Exposure

Mitigation of OWASP API Security Risk: Unrestricted Access to Sensitive Business Flows using F5 XC

URI Masking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS