KB-1754: How to obscure sensitive data in the Centrify debug log file?

Tips for finding Knowledge Articles

- Enter just a few key words related to your question or problem
- Add Key words to refine your search as necessary
- Do not use punctuation
- Search is not case sensitive
- Avoid non-descriptive filler words like "how", "the", "what", etc.
- If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
- Minimum supported Internet Explorer version is IE9

Home >

KB-1754: How to obscure sensitive data in the Centrify debug log file?

Product:

Authentication Service ,

Published:

12 April,16 at 11:43 AM

Rating:

Applies to: All versions of Centrify DirectControl on all Unix platforms.

Question:
How do I obscure sensitive data before I send the debug log to Centrify for analysis?

Answer:
In Centrify DirectControl, there is a command, adobfuscate. In order to use this function, you have to:

1. Create or modify the pattern file to identify data that you want to hide (the default pattern file is placed in /etc/centrifydc/adobfuscate.conf).

2. Run: adobfuscate -f /var/log/centrifydc.log -m myMap
(/var/log/centrifydc.log is the log file and myMap is the map file that created).

3. After the map file is created, run
adobfuscate -f /var/log/centrifydc.log -m myMap -o

For more details, refer to the DirectControl Administrator's Guide, Page 310:

https://docs.centrify.com/en/css/suite2017.1/centrify-unix-adminguide.pdf