Quick post. Sometimes it is necessary to share logs on public issue trackers, forums... and wanting to protect secrets, tokens, IPs is normal.
I've cooked my own minimal bash script for this quest, which I've just added to my public shared snippets : https://gitea.zoemp.be/sansguidon/snippets/raw/branch/main/redacted.sh
#!/usr/bin/env bash
default_rules=(
's/[0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}/<REDACTED_IP>/g'
's/\b[a-zA-Z0-9._-]\+\.[a-zA-Z]\{2,\}\b/<REDACTED_DOMAIN>/g'
's/\b[A-Za-z0-9+\/=]\{20,\}\b/<REDACTED_TOKEN>/g'
's/\(password=\)\S\+/\1<REDACTED_PASS>/g'
)
rules=()
while [[ $1 =~ ^s/ ]]; do
rules+=("$1")
shift
done
[[ ${#rules[@]} -eq 0 ]] && rules=("${default_rules[@]}")
sed_expr=()
for r in "${rules[@]}"; do
sed_expr+=( -e "$r" )
done
# If files are passed, process them to stdout.
# If none, read from stdin to stdout.
if [[ $# -gt 0 ]]; then
sed "${sed_expr[@]}" "$@"
else
sed "${sed_expr[@]}"
fiFeel free to reuse, copy, extend, contact me to give feedback! π
π The best way to get in touch is via my email morgan at zoemp dot be. You can also follow me on the Fediverse / Mastodon at @sansguidon@mamot.fr. I speak (a lot) French, English and a bit of Dutch.