Query Loki hide sensitive data

rmgva · October 20, 2024, 11:41am

I have a log that contains sensitive data and I would like to hide this data in the log output.

example of the query.
{job=“example”, level=“error”} | json | line_format Message: {{.body}}

exit the query.
Message: error client whith cpf 1234567890 is not found

It is possible to hide sensitive data, I would like the output of the example above to be.
Message: error client whith cpf 123****890 is not found

Help please.

jangaraj · October 21, 2024, 12:10am

tonyswumac · October 21, 2024, 11:19pm

You really only have one option when it comes to sensitive data, not just in Loki, in any data storage platform, and that is to redact the sensitive part of your logs and data before sending it to your storage.

rmgva · October 22, 2024, 10:29pm

Yes, I think so too. But would it be possible to create a replace ? Do you have any example of a query with replace ? plz

jangaraj · October 22, 2024, 11:03pm

How secure will be a query with “replace”?
Only visually. Average user can play with browser console and remove that “replace” from the query to get sensitive nonreplaced data.

Topic		Replies	Views
How do i use LogQL to zero out IP addresses and PII infromation Grafana Loki	8	614	March 8, 2025
Hide sensitive data at grafana flow agent or grafana tempo tracing information Grafana Alloy agent , tempo	0	581	May 16, 2023
Json data visualization Grafana Loki visulazation	6	945	March 26, 2025
Can we mask our secrets into grafana logs? Configuration explore , grafana	4	1530	May 22, 2023
Deleting Specific User Data in Loki Grafana Loki	1	522	May 31, 2023

Query Loki hide sensitive data

Related topics