Diffstat (limited to 'doc/mmanon.html')
-rw-r--r-- | doc/mmanon.html | 119 |
1 files changed, 0 insertions, 119 deletions
diff --git a/doc/mmanon.html b/doc/mmanon.html deleted file mode 100644 index 16065a1..0000000 --- a/doc/mmanon.html +++ /dev/null 
@@ -1,119 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<html><head> -<meta http-equiv="Content-Language" content="en"> -<title>IP Address Anonimization Module (mmanon)</title></head> - -<body> -<a href="rsyslog_conf_modules.html">back</a> - -<h1>IP Address Anonimization Module (mmanon)</h1> -<p><b>Module Name: mmanon</b></p> -<p><b>Author: </b>Rainer Gerhards <rgerhards@adiscon.com></p> -<p><b>Available since</b>: 7.3.7</p> -<p><b>Description</b>:</p> -<p>The mmanon module permits to anonymize IP addresses. It is a message -modification module that actually changes the IP address inside the message, -so after calling mmanon, the original message can no longer be obtained. -Note that anonymization will break digital signatures on the message, if -they exist. -<p><i>How are IP-Addresses defined?</i> -<p>We assume that an IP address consists of four octets in dotted notation, -where each of the octets has a value between 0 and 255, inclusively. After -the last octet, there must be either a space or a colon. So, for example, -"1.2.3.4 Test" and "1.2.3.4:514 Test" are detected as containing valid IP -addresses, whereas this is not the case for "1.2.300.4 Test" or -"1.2.3.4-Test". The message text may contain multiple addresses. If so, -each of them is anonimized (according to the same rules). -<b>Important:</b> We may change the set of acceptable characters after -the last octet in the future, if there are good reasons to do so. -<p> </p> - -<p><b>Module Configuration Parameters</b>:</p> -<p>Currently none. -<p> </p> -<p><b>Action Confguration Parameters</b>:</p> -<ul> -<li><b>mode</b> - default "rewrite"<br> -There exists the "simple" and "rewrite" mode. In simple mode, only octets -as whole can be anonymized and the length of the message is never changed. -This means that when the last three octets of the address 10.1.12.123 are -anonymized, the result will be 10.0.00.000. 
This means that the length of the -original octets is still visible and may be used to draw some privacy-evasive -conclusions. This mode is slightly faster than "overwrite" mode, and this -may matter in high throughput environments.<br> -The default "rewrite" mode will do full anonymization of any number of bits -and it will also normlize the address, so that no information about the -original IP address is available. So in the above example, 10.1.12.123 would -be anonymized to 10.0.0.0. -<li><b>ipv4.bits</b> - default 16<br> -This set the number of bits that should be anonymized (bits are from the -right, so lower bits are anonymized first). This setting permits to save -network information while still anonymizing user-specific data. The more -bits you discard, the better the anonymization obviously is. The default -of 16 bits reflects what German data privacy rules consider as being -sufficinetly anonymized. We assume, this can also be used as a rough -but conservative guideline for other countries.<br> -Note: when in simple mode, only bits on a byte boundary can be specified. -As such, any value other than 8, 16, 24 or 32 is invalid. If an invalid -value is given, it is rounded to the next byte boundary (so we favor stronger -anonymization in that case). For example, a bit value of 12 will become 16 in -simple mode (an error message is also emitted). -<li><b>replacementChar</b> - default "x"<br> -In simple mode, this sets the character -that the to-be-anonymized part of the IP address is to be overwritten -with. In rewrite mode, this parameter is <b>not permitted</b>, as in -this case we need not necessarily rewrite full octets. As such, the anonymized -part is always zero-filled and replacementChar is of no use. If it is -specified, an error message is emitted and the parameter ignored. 
-</ul> - -<p><b>Caveats/Known Bugs:</b> -<ul> -<li><b>only IPv4</b> is supported -</ul> - -<p><b>Samples:</b></p> -<p>In this snippet, we write one file without anonymization and another one -with the message anonymized. Note that once mmanon has run, access to the -original message is no longer possible (execept if stored in user -variables before anonymization). -<p><textarea rows="5" cols="60">module(load="mmanon") -action(type="omfile" file="/path/to/non-anon.log") -action(type="mmanon") -action(type="omfile" file="/path/to/anon.log") -</textarea> - -<p>This next snippet is almost identical to the first one, but -here we anonymize the full IPv4 address. Note that by -modifying the number of bits, you can anonymize different parts -of the address. Keep in mind that in simple mode (used here), the bit values -must match IP address bytes, so for IPv4 only the values 8, 16, 24 and -32 are valid. Also, in this example the replacement is done -via asterisks instead of lower-case "x"-letters. Also keep in mind that -"replacementChar" can only be set in simple mode. -<p><textarea rows="5" cols="60">module(load="mmanon") -action(type="omfile" file="/path/to/non-anon.log") -action(type="mmanon" ipv4.bits="32" mode="simple" replacementChar="*") -action(type="omfile" file="/path/to/anon.log") -</textarea> - -<p>The next snippet is also based on the first one, but anonimzes an -"odd" number of bits, 12. The value of 12 is used by some folks as a -compromise between keeping privacy and still permiting to gain some -more in-depth insight from log files. Note that anonymizing 12 bits -may be insufficient to fulfill legal requirements (if such exist). 
-<p><textarea rows="5" cols="60">module(load="mmanon") -action(type="omfile" file="/path/to/non-anon.log") -action(type="mmanon" ipv4.bits="12") -action(type="omfile" file="/path/to/anon.log") -</textarea> - -<p>[<a href="rsyslog_conf.html">rsyslog.conf overview</a>] [<a href="manual.html">manual -index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]</p> -<p><font size="2">This documentation is part of the -<a href="http://www.rsyslog.com/">rsyslog</a> project.<br> -Copyright © 2008-2013 by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a> and -<a href="http://www.adiscon.com/">Adiscon</a>. Released under the GNU GPL -version 3 or higher.</font></p> - -</body></html> |
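Review bot: Nothing visible in this deletion (hunk `@@ -1,119 +0,0 @@`, all of doc/mmanon.html) shows where the mmanon reference now lives or whether inbound links are handled. The removed page links back to rsyslog_conf_modules.html, so that index most likely links here and would dangle after this commit; since the diffstat is limited to this one file, please confirm the index entry is removed or repointed in the same change, and name the new location in the commit message if the text was migrated. If the content is being carried over rather than dropped, two inconsistencies in the removed text are worth fixing on the way: the mode description refers to "overwrite" mode where the parameter values are "simple" and "rewrite", and the simple-mode example shows 10.1.12.123 becoming 10.0.00.000 although replacementChar is documented as defaulting to "x". The behavioural notes that matter most to operators (anonymization breaks message signatures, ipv4.bits is rounded up to the next byte boundary in simple mode, and IPv4 only) should survive in whatever replaces this file.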