[][src]Crate alog

alog is a simple log file anonymizer.


In fact alog just replaces the first word1 on every line of any input stream with a customizable string.

So "log file anonymizer" might be a bit of an overstatement, but alog can be used to (very efficiently) replace the $remote_addr part in many access log formats, e.g. Nginx' default combined log format:

log_format combined '$remote_addr - $remote_user [$time_local] '
                    '"$request" $status $body_bytes_sent '
                    '"$http_referer" "$http_user_agent"';

By default any parseable $remote_addr is replaced by it's localhost representation,

  • any valid IPv4 address is replaced by '',
  • any valid IPv6 address is replaced by '::1' and
  • any String (what might be a domain name) with 'localhost'.

Lines without a $remote_addr part will remain unchanged (but can be skipped with alog::Config::set_skip() set to true).

Personal data in server logs

The default configuration of popular web servers including Apache Web Server and Nginx collect and store at least two of the following three types of logs:

  1. access logs
  2. error logs (including processing-language logs like PHP)
  3. security audit logs

All of these logs contain personal information by default. IP addresses are specifically defined as personal data by the GDPR. The logs can also contain usernames if your web service uses them as part of their URL structure, and even the referral information that’s logged by default can contain personal information (or other sensitive data).

So keep in mind, just removing the IP / $remote_addr part might not be enough to fully anonymize any given log file.

  1. Any first substring separated by a b' ' (Space) from the remainder of the line. 



Collection of replacement strings / config flags





Creates a reader (defaults to std::io::Stdin) and writer (defaults to std::io::Stdout) from alog::IOConfig, passes both along with the alog::Config struct to actually replace any first word in reader with strings stored in alog::Config.


Like alog::run but will let you pass your own reader and writer. Replacement strings and config flags will still be read from alog::Config though.