
Setting Up PII Redaction to Protect User Data

Automatically redact emails, credit cards, and other PII from your logs.


Built-in Patterns

Lognitor SDKs include built-in redaction for common PII patterns:

JavaScript
Lognitor.init({
  apiKey: 'your-key',
  redactPatterns: ['email', 'creditCard', 'ssn', 'bearer'],
});

With this configuration, sensitive data is replaced with [REDACTED] before it leaves your application:

JavaScript
Lognitor.info('User alice@example.com signed up with card 4111-1111-1111-1111');
// Sent as: "User [REDACTED] signed up with card [REDACTED]"

Custom Patterns

Add your own regex patterns for application-specific PII:

JavaScript
Lognitor.init({
  apiKey: 'your-key',
  redactPatterns: [
    'email',
    /\bAPI-[A-Z0-9]{16,}\b/g,    // Custom API key format
    /\b\d{3}-\d{3}-\d{4}\b/g,    // US phone numbers
  ],
});
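
Custom patterns only catch the formats they were written for, so it is worth running them over sample log lines before relying on them. The following is an added example, not Lognitor SDK code: `redact()` and `auditPatterns()` are hypothetical local helpers that apply the two regexes above to constructed samples and report what would leak or be over-redacted.

```javascript
// Added example, not Lognitor SDK code. redact() is a hypothetical local
// stand-in that replaces each match with [REDACTED], as the article describes.
const customPatterns = [
  /\bAPI-[A-Z0-9]{16,}\b/g, // custom API key format (from the article)
  /\b\d{3}-\d{3}-\d{4}\b/g, // US phone numbers (from the article)
];

function redact(message, patterns) {
  // replace() with a /g regex starts from index 0 every call, so the
  // shared regex objects can be reused safely across messages.
  return patterns.reduce((msg, re) => msg.replace(re, '[REDACTED]'), message);
}

// Constructed samples. `secret` must not survive redaction; when it is
// null the line holds no PII and should pass through unchanged.
const samples = [
  { message: 'key API-ABCDEF0123456789 issued', secret: 'API-ABCDEF0123456789' },
  { message: 'call 555-123-4567 back', secret: '555-123-4567' },
  { message: 'call (555) 123-4567 back', secret: '123-4567' },
  { message: 'call 555.123.4567 back', secret: '555.123.4567' },
  { message: 'key api-abcdef0123456789 issued', secret: 'api-abcdef0123456789' },
  { message: 'invoice 100-200-3000 paid', secret: null },
];

function auditPatterns(patterns, cases) {
  const leaks = [];        // PII that a pattern failed to catch
  const overRedacted = []; // harmless lines a pattern altered anyway
  for (const { message, secret } of cases) {
    const out = redact(message, patterns);
    if (secret !== null && out.includes(secret)) leaks.push(message);
    if (secret === null && out !== message) overRedacted.push(message);
  }
  return { leaks, overRedacted };
}

const report = auditPatterns(customPatterns, samples);
console.log(report);
```

With these samples the audit reports three leaks (the parenthesised, dotted and lower-cased variants) and one over-redaction (an invoice number shaped like a phone number).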

URL Scrubbing

The values of sensitive query parameters are automatically replaced with [SCRUBBED] in URLs:

JavaScript
Lognitor.init({
  apiKey: 'your-key',
  scrubUrlParams: ['token', 'password', 'secret', 'session_id'],
});

// /api/auth?token=sk_live_abc123&page=1
// becomes: /api/auth?token=[SCRUBBED]&page=1

User context is preserved

Redaction applies to log messages and to string values in metadata. The user object (set via setUser()) is intentionally NOT redacted, so you can identify which user experienced an error; whatever you pass to setUser() is sent as-is.