I use logback (logback-gelf vs.1.1.0) to log in my spring boot application. It has configuration xml file and I try to write regular expression to mask passwords in this configuration file. I write this:
%replace(%msg){'(password...)(\d{6})(.)', '$1****$3'}
It works with {"password":"123456"} and give an output {"password":"****"}.
However, it cannot work with:
{"client_id":["account"],"password":["111111"],"grant_type":["password"]}
I want to make it {"client_id":["account","password":["****"],"grant_type":["password"]}
How can I do this?
The problem with your regex is that it always considers 3 characters in between the string "password" and the actual password.
Do this instead:
%replace(%msg){'(password"\S+?")(\S+?)(".+)', '$1****$3'}