You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Mr Kafka (JIRA)" <ji...@apache.org> on 2018/10/16 00:11:00 UTC

[jira] [Created] (KAFKA-7510) KStreams RecordCollectorImpl leaks data to logs on error

Mr Kafka created KAFKA-7510:
-------------------------------

             Summary: KStreams RecordCollectorImpl leaks data to logs on error
                 Key: KAFKA-7510
                 URL: https://issues.apache.org/jira/browse/KAFKA-7510
             Project: Kafka
          Issue Type: Bug
          Components: streams
            Reporter: Mr Kafka


org.apache.kafka.streams.processor.internals.RecordCollectorImpl leaks data on error as it dumps the *value* / message payload to the logs.

This is problematic as it may contain personally identifiable information (pii) or other secret information to plain text log files which can then be propagated to other log systems i.e Splunk.

I suggest the *key*, and *value* fields be moved to debug level as it is useful for some people while error level contains the *errorMessage, timestamp, topic* and *stackTrace*.
{code:java}
private <K, V> void recordSendError(
    final K key,
    final V value,
    final Long timestamp,
    final String topic,
    final Exception exception
) {
    String errorLogMessage = LOG_MESSAGE;
    String errorMessage = EXCEPTION_MESSAGE;
    if (exception instanceof RetriableException) {
        errorLogMessage += PARAMETER_HINT;
        errorMessage += PARAMETER_HINT;
    }
    log.error(errorLogMessage, key, value, timestamp, topic, exception.toString());
    sendException = new StreamsException(
        String.format(
            errorMessage,
            logPrefix,
            "an error caught",
            key,
            value,
            timestamp,
            topic,
            exception.toString()
        ),
        exception);
}{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)