Any opinion about this proposed change?
-Jaikiran
On Tuesday 16 August 2016 02:28 PM, Jaikiran Pai wrote:
We are using 0.9.0.1 of Kafka (Java) libraries for our Kafka consumers
and producers. In one of our consumers, our consumer config had a SSL
specific property which ended up being used against a non-SSL Kafka
broker port. As a result, the logs ended up seeing messages like:
17:53:33,722 WARN [o.a.k.c.c.ConsumerConfig] - The configuration
*ssl.truststore.password = foobar* was supplied but isn't a known config.
The log message is fine and makes sense, but can Kafka please not log
the values of the properties and instead just include the config name
which it considers as unknown? That way it won't ended up logging
these potentially sensitive values. I understand that only those with
access to these log files can end up seeing these values but even then
some of our internal processes forbid logging such sensitive
information to the logs. This log message will still end up being
useful if only the config name is logged without the value.
Can I add this as a JIRA and provide a patch?
-Jaikiran
