aspose file tools*
The moose likes Java in General and the fly likes Chaning the log file Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Chaning the log file" Watch "Chaning the log file" New topic
Author

Chaning the log file

Arjun Shastry
Ranch Hand

Joined: Mar 13, 2003
Posts: 1874
Hi,
There is one (java)application which writes data(like Credit card number) to log file in text format.After log file size reaches 10MB, application creates new log file App.log.1,App.log.2...) We want to hide this Credit card number and customer details in log file.One(and better) way is to change the code in that application which writes this Customer data.This application is run once a week by administrator to generate report .
Unfortunately there is no owner for this application(Its been there since 2001/2002 and code does not have any comments)!!.So we don't want to touch this code.
What are alternatives to this? Operating System is Solaris. We are thinking of writing Shell Script/AWK so that this script will monitor the log file and hide the Cutomer details in log file by changing the log content.This doesn't seem fully secure though.



MH
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

If the logging statements have side effects (the only reason anyone should be scared to touch a *log statement*), then your problems are deeper than the logging statements. Likewise, if you're unable or unwilling to recompile and redeploy the project, you have a *serious* problem if this is an application central to your business.

Fix the log statements.
Arjun Shastry
Ranch Hand

Joined: Mar 13, 2003
Posts: 1874
Thanks.Application is not central.Basically it generates the reports on weekly basis.But as per new policy, all customer sensative data should not be visible.This reporting application has more than 300 java classes!!. Iam waiting for source code.
Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19696
    
  20

Arjun Shastry wrote:Iam waiting for source code.

http://faq.javaranch.com/java/DoYourOwnHomework
http://faq.javaranch.com/java/NotACodeMill


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
David Newton
Author
Rancher

Joined: Sep 29, 2008
Posts: 12617

You're waiting for what source code?
Arjun Shastry
Ranch Hand

Joined: Mar 13, 2003
Posts: 1874
The complete source code of the application which logs the data is not yet available to us.and whatever code available is without any comments.
( I am not asking here for any code!! )
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18570
    
    8

Why are you waiting for the source code? It's your application, isn't it? Just get a decompiler and make your own source code.
Anurag Blore
Ranch Hand

Joined: Jan 15, 2003
Posts: 74
Arjun,

If its a credit card/customer information and some how if you modify the original log file then the original application log will be lost. If you duplicate the log file and use awk or something from unix to change the log file then still you will have issues as you will be duplicating the customer info. Can you check what is the log level in your app where you can setup some option to print only exceptions. If not then as everyone suggested you must change the code. This must have become an issue after some type of audit or compliance I guess.


Thanks,
Anurag
SCJP 1.2 & 1.5, PMP
Arjun Shastry
Ranch Hand

Joined: Mar 13, 2003
Posts: 1874
"This must have become an issue after some type of audit or compliance I guess"

yes. Decompiling and checking how logging is done is better option.
salvin francis
Ranch Hand

Joined: Jan 12, 2009
Posts: 928

better read the license agreement before decompiling


My Website: [Salvin.in] Cool your mind:[Salvin.in/painting] My Sally:[Salvin.in/sally]
 
 
subject: Chaning the log file