2

Looking at the SEQ Serilog documentation and there is documentation on destructuring and creating custom ITextFormatter which seems like the place to start, but I would like to know if and how it would be possible to change the underlying log serialization say to UTF8, UTF32, Unicode, etc.

Possible? Impact to current log raw serialization if it is possible to change it.

I am using Seq 5.1.3004 currently

Improve this question
4
  • Hi Robin! I'm not 100% sure how the picture fits together - where are you hitting encoding issues? (I.e. are you seeing incorrectly encoded Unicode somewhere, etc.?) Cheers! Commented Mar 11, 2020 at 21:55
  • The question comes from a 3rd party security scanner application. I have tested the logs and when I write XSS tags and injected javascript SEQ is neutralizing the inputs while maintaining the content. I stated and showed the scanner this point, but they are asking if I exported the logs to some of logger the guarantee is no longer there is their worry. So can I effectively guarantee the export format is always neutralized or overwrite the raw stored format is the question. Thanks Commented Mar 14, 2020 at 21:58
  • I think in that case your best bet would be to write a wrapper sink, e.g. WriteTo.Sanitize(wt => wt.Seq(...)) where the Sanitize bit would need to be your own code that uses some kind of logic to identify potential XSS content in messages and property names/values, and performs some kind of dynamic replacement. It's tough to do correctly, though - hence we make very sure that Seq handles displaying of untrusted log data carefully. Commented Mar 15, 2020 at 23:56
  • Thanks this is what I will recommend. Commented Mar 22, 2020 at 2:01
Related questions
9
Serilog - How do I render formatted message to string manually?
11
Removing Default Properties in Serilog Output
6
How to customize exception output using serilog
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.