Overview
A newly released zato-enclog package lets one store Python logs in an encrypted form making it a great fit for environments that cannot keep clear text form of data such as PII (Personally Identifiable Information) in HIPAA-compliant applications.
The package comes with command-line tools to decrypt files, including a command that mimics tail -f functionality to watch decrypted logs as they grow.
Usage examples from Zato ..
fromloggingimportgetLoggerfromzato.server.serviceimportServiceenclog=getLogger('enclog')classMyService(Service):defhandle(self):enclog.info('This will be encrypted').. and pure Python:
importloggingfromzato.enclogimportEncryptedLogFormatter,genkeylevel=logging.INFOformat='%(levelname)s - %(message)s'key=genkey()formatter=EncryptedLogFormatter(key,format)handler=logging.StreamHandler()handler.setFormatter(formatter)logger=logging.getLogger('')logger.addHandler(handler)logger.setLevel(level)logger.info('This will be encrypted')CLI screenshots
Key generation:
Demo:
Using tailf -f vs. enclog tailf. The former will show logs in encrypted form whereas the latter will display them decrypted.
Learn more
More information can be found at https://zato.io/docs/progguide/enclog/index.html