GDPR: Obfuscation on details in Server log and Report Log
Based on the changes related to GDPR, there have been significant work done with Flexnet Publisher Toolkit to allow publisher/end users to adopt the law for GDPR.
Here is a brief of work done for the same:
1.) Debug log attributes: (Starting FNP-11.17.1) - [FNP-23218]
Usages: DEBUGLOG [+]debug_log_path [OBF_ADDMARK] [AUTO_ROLLOVER size]
The OBF_ADDMARK enables the affixing of obfuscation markers (OBF_STRT: username :END_OBF) to username in debug log.
2.) lmobfslog: New Utility introduced to generate the obfuscated Usernames for the debug log files: (Starting FNP-11.17.1) - [FNP-23039]
Thus Utility is introduced to work on below:
- Obfuscating the usernames in the debug log file.
- Removing the markers and generating original debug log file.
The lmobfslog utility processes the debug log file to generate the obfuscated usernames. It is used for debug log processing.
Note • If the debug log has been produced with OBF_ADDMARK option, only then the lmobfslog utility can generate obfuscated usernames in the debug log.
Usages: lmobfslog [-i debug_log] [-o new_debug_log] <-rmarker> Where: '-rmarker', Removes the markers from the debug log file.
3.) Reportlog: (Starting FNP-11.16.2) - [FNP-18717]
REPORTLOG specifies the report log file for this vendor daemon. It is recommended preceding the report_log_path with a + character to append logging entries; otherwise, the file is overwritten each time the daemon is started.
REPORTLOG [+]report_log_path [HIDE_User]
On Windows, path names that include spaces have to be enclosed in double quotes. If lmgrd is started as a service, the default location for the report log file is the current working directory unless a fully qualified path is specified. The optional parameter [HIDE_USER] can be specified so that any user names will be SHA2 hashed before being written to the encrypted REPORTLOG.
Update [Jan 25th, 2020]:
We have no plans to obfuscate user-name while it is being written into server logs because we feel we need this to debug any reported issues. But if companies have to ship their logs for external audit they can use this utility to obfuscate and send it outside their Org ID