I'm using locust to load test a REST API. The endpoints take an API Key as a query parameter, which I can see in the cleartext in the locust logs. I know there is skip-log-setup
that disables all the locust logs. Is there a way though, to just hide the API Key from the logs and subsequent HTML reports so that it will just be shown as **** or something like that, in the same way that you'd want to hide username/password?
Thank you!
You can override what the URL looks like when it's reported using the name=
parameter when you make your client calls.
Example:
self.client.get("/blog?id=%i" % i, name="/blog?id=[id]")
http://docs.locust.io/en/stable/writing-a-locustfile.html#grouping-requests