Jeremiah,

You can add a filter to the Logger
https://logging.apache.org/log4j/2.x/manual/filters.html

        <!-- DEBUG Created seed map='{username=[loginname]}' for uid='loginname' -->
        <Logger name="org.apereo.services.persondir.support.CachingPersonAttributeDaoImpl" level="warn">
            <RegexFilter regex="Created seed map=.*" onMismatch="DENY" />
        </Logger>

Ray
________________________________
From: cas-user@apereo.org <cas-user@apereo.org> on behalf of Jeremiah Garmatter 
<j-garmat...@onu.edu>
Sent: 22 July 2024 06:45
To: CAS Community <cas-user@apereo.org>
Subject: [cas-user] Remove principal from audit logs

Is it possible to remove the user's principal from audit logs in CAS 7?

I resolve all relevant user attributes with the principal instead of using a 
separate LDAP connection. It seems like SAML2 authentications want to print 
every resolved attribute in the principal and it really clutters the logs. 
Anyone know of a way to remove principal attributes from the log files? I would 
like to keep the logs intact, just remove the principal field if possible.

Here's an example of one of these auth attempts:
2024-07-22 09:15:37,387 INFO [org.apereo.inspektr.audit.AuditTrailManager] - 
2024-07-22T13:15:37.386909125!my-username!{result=Service Access Granted, 
principal=SimplePrincipal(id=my-username, attributes={cn=[my cn], 
department=[Office of Information Technology], displayName=[my name], 
duoAud=[some code], duoAuthCtxAccessDeviceIp=[an IP], 
duoAuthCtxAccessDeviceLocationCity=[my locality], 
duoAuthCtxAccessDeviceLocationCountry=[United States], 
duoAuthCtxAccessDeviceLocationState=[my state], duoAuthCtxApplicationName=[CAS 
- DUO Universal], duoAuthCtxAuthDeviceHostname=[a phone number], 
duoAuthCtxAuthDeviceIp=[an ip], duoAuthCtxAuthDeviceLocationCity=[a location], 
duoAuthCtxAuthDeviceLocationCountry=[United States], 
duoAuthCtxAuthDeviceLocationState=[a state], 
duoAuthCtxEventType=[authentication], duoAuthCtxFactor=[duo_push], 
duoAuthCtxReason=[user_approved], duoAuthCtxResult=[success], 
duoAuthCtxTimestamp=[1721653942], duoAuthCtxTxId=[an id], duoAuthCtxUserKey=[a 
key], duoAuthResult=[allow], duoAuthResultStatus=[allow], 
duoAuthResultStatusMessage=[Login Successful], duoAuthTime=[1721653942], 
duoExp=[1721657542], duoIat=[a number], duoIss=[a duo endpoint], 
duoPreferredUsername=[a username], duoSub=[a username], 
eduPersonNickName=[name], EmailAddress=[an email], givenName=[a name], 
memberOf=[A very long list of groups], organizationalunit=[Office of 
Information Technology], pwdLastSet=[data], schoolName=[data], 
schoolNumber=[data], sn=[surname], telephoneNumber=[a phone number], title=[a 
title], UDC_IDENTIFIER=[a value], uid=[username], username=[a username], 
userType=[data]}), service=my-service, 
requiredAttributes={}}!SERVICE_ACCESS_ENFORCEMENT_TRIGGERED!192.168.95.246!my 
server IP!

--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6983a4e7-b724-48fb-a9fb-15028c95507bn%40apereo.org.
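
Added example (not part of the thread, and not CAS or Log4j code): a post-processing step, such as a log shipper hook, that keeps each audit line and the principal id but replaces the resolved attribute map, which in the sample above carries phone numbers, IPs and group memberships. The function names and the shortened sample line are constructed, and the code assumes the `principal=SimplePrincipal(id=..., attributes={...})` layout from the quoted line with balanced brackets inside attribute values.

```python
import re

# Start of the principal field as it appears in the audit line quoted in the thread.
_PRINCIPAL = re.compile(r"principal=SimplePrincipal\(id=[^,)]*, attributes=\{")
_OPEN, _CLOSE = "{[(", "}])"

# Constructed sample, shortened from the line in the original question.
SAMPLE = (
    "2024-07-22T13:15:37.386909125!my-username!{result=Service Access Granted, "
    "principal=SimplePrincipal(id=my-username, attributes={cn=[my cn], "
    "memberOf=[CN=staff,OU={groups}], telephoneNumber=[a phone number]}), "
    "service=my-service, requiredAttributes={}}"
    "!SERVICE_ACCESS_ENFORCEMENT_TRIGGERED!192.168.95.246!my server IP!"
)


def _closing_brace(text, start):
    """Index of the '}' closing the '{' at text[start], or -1 if unbalanced."""
    depth = 0
    for i in range(start, len(text)):
        if text[i] in _OPEN:
            depth += 1
        elif text[i] in _CLOSE:
            depth -= 1
            if depth == 0:
                return i
    return -1


def strip_principal_attributes(line, placeholder="<redacted>"):
    """Keep the principal id; replace the attribute map with a placeholder."""
    out, pos = [], 0
    for m in _PRINCIPAL.finditer(line):
        if m.start() < pos:  # match lies inside a map already removed
            continue
        brace = m.end() - 1  # position of the '{' after 'attributes='
        end = _closing_brace(line, brace)
        if end == -1:
            # Truncated line: fail closed and drop the rest instead of leaking it.
            out.append(line[pos:brace] + placeholder)
            pos = len(line)
            break
        out.append(line[pos:brace] + "{" + placeholder + "}")
        pos = end + 1
    out.append(line[pos:])
    return "".join(out)


if __name__ == "__main__":
    print(strip_principal_attributes(SAMPLE))
```

A bracket-depth scan is used instead of a non-greedy regex because attribute values such as group DNs can themselves contain `}` or `]`, which would end a regex match early and leave part of the map in the log.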
