[dnsdist] Dynamic Rule Block Logs Host Address
Remi Gacogne
remi.gacogne at powerdns.com
Thu Aug 29 14:34:41 UTC 2019
Hi Brian,
On 8/29/19 3:50 PM, Brian Sullivan wrote:
> When I use a dynamic rule block and it gets triggered I see a log
> message as follows:
> *dnsdist[15542]: Inserting dynamic block for 10.51.76.142 for 10
> seconds: Exceeded Query Rate*
>
> Is there a way to truncate the IP Address? It is considered PII and we
> are required to not log any PII.
I'm afraid we don't have any way to do that at the moment. I just opened
a pull request [1] that makes it possible to not have anything logged at
all when a new dynamic block is inserted, but that's an all-or-nothing
option.
Please open a feature request on GH if you would like to have the
truncation feature implemented.
[1]: https://github.com/PowerDNS/pdns/pull/8252
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20190829/41bef142/attachment.sig>
More information about the dnsdist
mailing list