Forrester Total Economic Impactâ„¢ study finds Edwin AI delivered a 313% ROI for composite organization.

Read more
Platform
Solution
Industry
Role
There is no result.

Sensitive Data Masking for Log Files LogSource

Last updated - 27 May, 2026

Sensitive data masking enables you to mask sensitive information before logs are ingested into LM Logs.

The Log Files LogSource includes a predefined set of regular expressions that identify common sensitive data patterns. When sensitive data masking toggle switch is enabled, log content that matches these patterns is masked before ingestion.

For more information on configuring sensitive data masking in Log Files LogSource, see Log Files LogSource Configuration.

Predefined Regex Pattern for Masking

The following table lists the predefined regular expressions used to mask sensitive data when sensitive data masking is enabled:

KeyMasking RuleMasked ValueType
json_passwordpassword[REDACTED]JSON_KEY
json_tokentoken[REDACTED]JSON_KEY
json_secretsecret[REDACTED]JSON_KEY
json_apikeyapikey[REDACTED]JSON_KEY
json_id_tokenid_token[REDACTED]JSON_KEY
json_authorizationauthorization[REDACTED]JSON_KEY
json_bearerbearer[REDACTED]JSON_KEY
json_creditCardcreditCard[REDACTED]JSON_KEY
json_cvvcvv[REDACTED]JSON_KEY
json_social_security_numbersocial_security_number[REDACTED]JSON_KEY
json_phonephone[REDACTED]JSON_KEY
json_emailemail[REDACTED]JSON_KEY
json_ibaniban[REDACTED]JSON_KEY
json_aws_secret_access_keyaws_secret_access_key[REDACTED]JSON_KEY
email(?i)([a-z0-9._%+-]+)@([a-z0-9.-]+\.[a-z]{2,})[REDACTED_EMAIL]REGEX
ipv4\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b[REDACTED_IP]REGEX
ipv6(?i)\b(?:[0-9a-f]{1,4}:){7}[0-9a-f]{1,4}\b[REDACTED_IP]REGEX
cc_common_brands\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13})\b[REDACTED_CC]REGEX
cvv(?i)(?:\b(CVV|CVC|CVV2)\b\s*[:=]?\s*\d{3,4})[REDACTED_CVV]REGEX
us_ssn\b\d{3}[- ]?\d{2}[- ]?\d{4}\b[REDACTED_SSN]REGEX
iban_regex\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b[REDACTED_IBAN]REGEX
phone_e164\b\+?[1-9]\d{9,14}\b[REDACTED_PHONE]REGEX
aws_akid\bAKIA[0-9A-Z]{16}\b[REDACTED_AWS_KEY_ID]REGEX
auth_header_bearer(?i)\bAuthorization\s*:\s*Bearer\s+[A-Za-z0-9\-._~+/=]+Authorization: Bearer [REDACTED_TOKEN]REGEX
basic_auth_urlhttps?:\/\/[^\s:@]+:[^@\s]+@https://[REDACTED]@REGEX
pem_private_key(?s)—–BEGIN [A-Z ]*PRIVATE KEY—–[\s\S]*—–END [A-Z ]*PRIVATE KEY—–[REDACTED_PRIVATE_KEY]REGEX
cookie_jsessionid(?i)\b(JSESSIONID=)([A-Za-z0-9\-]{16,128})[REDACTED_SESSION]REGEX
cookie_generic_session(?i)\b(SID|SESSIONID|PHPSESSID)=([A-Za-z0-9\-]{8,128})[REDACTED_SESSION]REGEX
generic_token(?i)\b(token|id_token|access_token|refresh_token)\b\s*=\s*\S+[REDACTED]REGEX
gps_coords\b-?(?:[1-8]?\d(?:\.\d+)?|90(?:\.0+)?),\s*-?(?:1[0-7]\d(?:\.\d+)?|[1-9]?\d(?:\.\d+)?|180(?:\.0+)?)\b[REDACTED_LATLON]REGEX
imei(?i)\b((?:IMEI|device[_-]?id)\b[^A-Za-z0-9]{0,10})(\d{15})[REDACTED_IMEI]REGEX

14-day access to the full LogicMonitor platform