有没有办法控制发送到AppInsights跟踪的数据。正如官方文档所述,文件处理和预处理是可行的方法。我无法从POST&PUT获取属性(密码)。由于密码是敏感的,我不想发送到App Insights。以下是我的追踪:
“值”:“client_id = {someguid}&resource = {someguid}&username = {username}&password = {password}&grant_type = password&scope = openid&nca = 1; 1; login-NonInteractive; False”
public void Initialize(ITelemetry telemetry)
{
var requestTelemetry = telemetry as RequestTelemetry;
if (requestTelemetry != null && (HttpContext.Current.Request.HttpMethod == HttpMethod.Post.ToString() || HttpContext.Current.Request.HttpMethod == HttpMethod.Put.ToString()))
{
using (var reader = new StreamReader(HttpContext.Current.Request.InputStream))
{
string requestBody = reader.ReadToEnd();
requestTelemetry.Properties.Add("body", requestBody);
}
}
}
目前直接的答案是Application Insights
不支持。
你可以在这里看看如何处理Personal Data with Application insights
注意:如果您有兴趣查看或删除个人数据,请参阅Azure Data Subject Requests获取GDPR文章。如果您正在寻找有关GDPR的一般信息,请参阅服务信任门户网站的GDPR section。
对于任何典型项目,不建议以裸体形式存储/显示密码(即使在日志中也是如此)。这严重侵犯了隐私
对于你的用例,正如Ivan Yang在评论中提到的那样。您应该过滤掉/删除密码,而不是将整个请求正文内容放入/转储到应用洞察日志中。
public void Initialize(ITelemetry telemetry)
{
var requestTelemetry = telemetry as RequestTelemetry;
if (requestTelemetry != null && (HttpContext.Current.Request.HttpMethod == HttpMethod.Post.ToString() || HttpContext.Current.Request.HttpMethod == HttpMethod.Put.ToString()))
{
using (var reader = new StreamReader(HttpContext.Current.Request.InputStream))
{
string requestBody = reader.ReadToEnd();
int startIndex= requestBody.LastIndexOf("&password=");
int endIndex= requestBody.LastIndexOf("&scope=");
requestBody = requestBody.Replace(requestBody.Substring(startIndex, (endIndex - startIndex) -1),"");
requestTelemetry.Properties.Add("body", requestBody);
}
}
}
你可以提供你的own feedback here,如果你真的想要一个功能,如打开/关闭一些字段在登录到app洞察期间掩盖/取消屏蔽