ruby 8 lines · 1 tab

Sanitizing logs so secrets and PII do not leak downstream

Kai Nakamura Apr 2026
1 tab
Rails.application.config.filter_parameters += [
  :password,
  :password_confirmation,
  :token,
  :authorization,
  :ssn,
  :credit_card_number,
]
1 file · ruby Explain with highlit

Logs are one of the most common unintentional data exfiltration channels. I filter secrets, tokens, and PII before they leave the process, then I keep retention and access tight downstream. If your logs are rich enough to reconstruct private sessions, they are too rich.

Share this code

Here's the card — post it anywhere.

Sanitizing logs so secrets and PII do not leak downstream — share card
Link copied