Back to all scenarios
Scenario #272
Security
Kubernetes v1.22, EKS with Fluentd

Sensitive Logs Exposed via Centralized Logging

Secrets and passwords were accidentally logged and shipped to a centralized logging service accessible to many teams.

Find this helpful?
What Happened

Application code logged sensitive values like passwords and access keys, which were picked up by Fluentd and visible in Kibana.

Diagnosis Steps
  • 1Reviewed logs after a security audit.
  • 2Discovered multiple log lines with secrets embedded.
  • 3Traced the logs back to specific applications.
Root Cause

Insecure logging practices combined with centralized aggregation.

Fix/Workaround
• Removed sensitive logging in app code.
• Configured Fluentd filters to redact secrets.
• Restricted access to sensitive log indices in Kibana.
Lessons Learned

Be mindful of what gets logged ; logs can become a liability.

How to Avoid
  • 1Implement logging best practices.
  • 2Scrub sensitive content before logs leave the app.
Previous ScenarioNext Scenario