Browse Prior Art Database

A method to obfuscate log files without losing context and fidelity necessary for problem resolution.

IP.com Disclosure Number: IPCOM000239777D
Publication Date: 2014-Dec-01
Document File: 6 page(s) / 65K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method to obfuscate log files without losing context and fidelity necessary for problem resolution is disclosed.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 41% of the total text.

Page 01 of 6

A method to obfuscate log files without losing context and fidelity necessary for problem resolution .

Disclosed is a method to obfuscate log files without losing context and fidelity necessary for problem resolution.

It is very common for product support teams to request product logs such as Error, Warning or Trace logs when trouble shooting product issues. These logs provide valuable information of the system as well as the environment it is running in, thereby shedding light on why the failure occurred. Many customer enterprises, however, are security conscious and are typically unwilling to divulge detailed information that is likely to be crucial in problem determination. This is particularly an issue at government and intelligence agency customers due to the sensitivity of the information.

Today, before sending these logs to the product support, the enterprises analyze the logs and scrub or redact sensitive environment information such as password, host name, host IP address, database table or column names etc. When sensitive data are scrubbed or redacted, there is a possibility that the log file may lose its fidelity and diminish its utility. In addition the data scrubbing is delegated to a specialized team single team which is trained to do such scrubbing and then inspected by another team before the log leaves the enterprise. This adds additional delay getting the logs to the product support team.

This is a very time consuming and error-prone exercise that is dependent on personnel with specific skills who may be overburdened. The delay in delivering the logs also delays problem resolution for the enterprise which in turn contributes to dissatisfaction on the product and product support.

Addressing this issue with automation will substantially improve the timeliness and accuracy of problem resolution for security sensitive enterprises.

The core idea of the invention is to parse the log file and perform substitution on a type of externally configured data, thereby obfuscating the original sensitive data. The substitution maintains fidelity on the substituted data such that the same information is substituted for a given data. This enables the log file not to lose fidelity, thereby enabling the recipient of the log file to perform analysis without the enterprise divulging their sensitive information.

The prevailing way of accomplishing this task is by manually analyzing the information in the log file and scrubbing or redacting sensitive data, thereby possibly diminishing its utility. The advantage of the invention is in time savings and improved accuracy by moving away from the laborious and time consuming way of scrubbing and redacting sensitive data from the log files and enabling the enterprise to convey the information without loss of fidelity to the recipient for further analysis.

How the invention works:

The user creates an obfuscation profile which has the patterns of source data that are to be


1.

obfuscated to the...