SkillAgentSearch skills...

MaskerLogger

The Logger that will prevent your data leak

GenerateConvertImprove

Install / Use

/learn @oxsecurity/MaskerLogger
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

Tests Lint Quality codecov PyPI version Python Platform License PRs Welcome

MaskerLoggerTitle

Masker Logger

Keep Your logs safe! This formatter ensures the security of your logs and prevents sensitive data leaks. For example - Using this Formatter will print this line: logger.info(f'Dont Give Your {secrets} away') like this: Dont Give Your ****** away

Getting started

This formatter utilizes the standard logging.Formatter module. Before printing each record to any destination (file, stdout, etc.), it ensures sensitive data is masked with asterisks to prevent leaks.

Requirements

| MaskerLogger Version | Python Version | |---------------------|----------------| | 1.0.0+ | 3.10 - 3.13 | | < 1.0.0 | 3.9 - 3.13 |

Install the library

pip install maskerlogger

Basic Usage

Like any formatter - just init your logger handler with the MaskerLogger formatter.

from maskerlogger import MaskerFormatter
logger = logging.getLogger('logger')
logger.setLevel(logging.DEBUG)
handler = logging.StreamHandler()
handler.setFormatter(
    MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s"))
logger.addHandler(handler)

skip masking

If, for some reason, you want to disable masking on a specific log line, use the SKIP_MASK mechanism.

from maskerlogger import MaskerFormatter, SKIP_MASK
...
...
logger.info('Line you want to skip', extra=SKIP_MASK)

redact

Here’s a rewritten version suitable for inclusion in a README.md file:

Partial Masking of Secrets

If you prefer to mask only a portion of a secret (rather than its entire length), you can set the redact parameter in the formatter. The redact parameter specifies the percentage of the secret to be masked.

Here’s an example of how to use it:

handler.setFormatter(
    MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s",
                    redact=30))

In this example, 30% of the secret will be masked. Adjust the redact value as needed to suit your requirements.

The Config File

Here's where the magic happens! Our tool is built upon the powerful Gitleaks tool, leveraging its default configuration to scan for sensitive data leaks in repositories. You can find the default configuration here

Use custom config file

To create and use your own config file, set the path when initializing the formatter:

handler.setFormatter(
    MaskerFormatter("%(asctime)s %(name)s %(levelname)s %(message)s",
                    regex_config_path="your/config/gitleaks.toml"))

Good luck!

Brought to you by OX Security

oxsecurity

View profile

View on GitHub
GitHub Stars107
CategoryDevelopment
Updated1d ago
Forks15
oxsecurity/MaskerLogger

Languages

Python

Security Score

100/100

Audited on Mar 30, 2026

No findings