Encrypted Python logs with zato-enclog

December 10, 2015

Overview

A newly released zato-enclog package lets one store Python logs in an encrypted form making it a great fit for environments that cannot keep clear text form of data such as PII (Personally Identifiable Information) in HIPAA-compliant applications.

The package comes with command-line tools to decrypt files, including a command that mimics tail -f functionality to watch decrypted logs as they grow.

Usage examples from Zato ..

from logging import getLogger
from zato.server.service import Service

enclog = getLogger('enclog')

class MyService(Service):
    def handle(self):
        enclog.info('This will be encrypted')

.. and pure Python:

import logging
from zato.enclog import EncryptedLogFormatter, genkey

level = logging.INFO
format = '%(levelname)s - %(message)s'

key = genkey()
formatter = EncryptedLogFormatter(key, format)

handler = logging.StreamHandler()
handler.setFormatter(formatter)

logger = logging.getLogger('')
logger.addHandler(handler)
logger.setLevel(level)

logger.info('This will be encrypted')

CLI screenshots

Key generation:

Screenshot

Demo:

Screenshot

Using tailf -f vs. enclog tailf. The former will show logs in encrypted form whereas the latter will display them decrypted.

Screenshot

Screenshot

Learn more

More information can be found at https://zato.io/docs/progguide/enclog/index.html

Read More

Backing up and restoring Zato Single Sign-On data

Continue reading

Invoking Zato Python microservices with OpenAPI

Published on May 22, 2020

Zato services as containers for Python functions and methods

Published on March 10, 2020