Masking Sensitive Data/Parameters in Logs

Parameters in your messages can sometimes contain sensitive information, and revealing these values in logs poses a security risk. GLU.Engines generate two types of logs where values may need to be controlled:

  1. PAYLOAD Logs: These logs include parameters within the payload of a message.
  2. PARAM Logs: These logs print parameters separately.


The PAYLOAD mask specifically targets parameters within the payload when they are printed in logs. However, it does not mask the value when it is unmarshalling. To mask values when unmarshalled, adds a mask for the full string as it prints in the logs. PARAM masks are used to mask the value in the logs when it is unmarshalled.

To mask PAYLOAD values:

  1. Go to the ‘Transaction’ level within the Transaction Manager Panel.
  2. Use the ‘Mask PAYLOAD Values in Logs’ field.
  3. Define the ‘tags’ for any values that need to be masked along with the GLU reserved word “GLU_MASK” (e.g., “username”:”GLU_MASK”). This will replace the value for “username” with “**********”.

Since tags are used, any payload value can be masked, not just parameter values within the payload. Tags to be masked can be copied from your payload template configuration and will vary depending on the type of payload (XML, JSON, SQL call, etc.).

The GLU_MASK value masks the full line, so if you specify “username”: “GLU_MASK”, the value will also be included in the masking of “username” (e.g., “**********”).

PARAM Masking

Unchecking the ‘Mask PARAM Value in Logs’ checkbox (which is checked by default) ensures that parameters’ values are not masked in logs.

Any payload tag (PAYLOAD logs) or parameter name (PARAM logs) configured to be masked will be masked in all logs (INFO, WARN, DEBUG, etc.) associated with a particular transaction.

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support
Fill the form and we’ll contact you shortly

    I agree with

    We uses cookies to make your experience on this website better. Learn more
    Accept cookies