Nightfall
The Nightfall filter scans logs for sensitive data and redacts the sensitive portions. This filter supports scanning for various sensitive information, ranging from API keys and personally identifiable information(PII) to custom regexes you define. You can configure what to scan for in the Nightfall Dashboard.
This filter is not enabled by default in 1.9.0 due to a typo. It must be enabled by setting flag
-DFLB_FILTER_NIGHTFALL=ON
when building. In 1.9.1 and above this is fixed.
Configuration Parameters
The plugin supports the following configuration parameters:
nightfall_api_key
The Nightfall API key to scan your logs with, obtainable from the Nightfall Dashboard
policy_id
The Nightfall dev platform policy to scan your logs with, configurable in the Nightfall Dashboard.
sampling_rate
The rate controlling how much of your logs you wish to be scanned, must be a float between (0,1]. 1 means all logs will be scanned. Useful for avoiding rate limits in conjunction with Fluent Bit's match rule.
1
tls.debug
Debug level between 0 (nothing) and 4 (every detail).
0
tls.verify
When enabled, turns on certificate validation when connecting to the Nightfall API.
true
tls.ca_path
Absolute path to root certificates, required if tls.verify is true.
Command Line
Configuration File
Last updated