Detect & Mask Sensitive Data In Logs


Businesses have application logs that contain sensitive data. That sensitive data needs to be redacted or scrubbed for following reasons

  • Compliance: GDPR, HIPAA, CCPA and many other privacy laws enforce all customer sensitive data to be scrubbed/redacted/or not accessible after certain time period.
  • Security: Insider attacks are common where employees who have access to customer's sensitive data lead to data exfiltration


Strac Log Redactor is a Data Loss Prevention (DLP) software. It masks (aka redacts) sensitive data elements in logs while still giving the opportunity to authorized users to view those logs in Strac UI Vault. A business can configure a list of sensitive data elements (SSN, DoB, DL, Passport, CC#, Debit Card, API Keys, etc.) to redact. Compliance, Risk and Security officers will get audit reports of who accessed what logs.

Below is a sample list of sensitive data elements that will be detected & redacted:

  • Identity: Drivers License, Passport, SSN (Social Security Number), National Identification Number, etc.
  • PII: Name, Address, Email, Phone, DoB, Age, Gender, Ethnicity, etc.
  • PHI: PII data, Medical Record Number (MRN), Insurance ID, Health Plan Beneficiary Number, Biometric, Medical Notes, etc.
  • Payments (aka Financial Details) or PCI (Payment Card Industry) Data Elements: Bank Account, Routing Numbers, Credit Card Number, CVV, Expiration Date, Debit Card, IBAN, etc.
  • Secrets: API Keys, Passwords, Passphrases, etc.
  • Vehicle: License Plate, Vehicle Identification Number (VIN), etc.
  • Physical Network: IP Addresses, MAC Address, etc.
  • Crypto Secrets: Seed Phrase, Bitcoin, Ethereum, Litecoin Addresses, etc.
  • Profanity: Curse words, abuse words, etc.
  • Custom: Create your own rules or use regex

Checkout Strac's catalog of sensitive data elements that Strac automatically detects and redacts.


Please contact hello@strac.io for any questions