Redactors

Plugins that mask or remove sensitive data.

!!! warning “PII in Message Strings Is Not Redacted”

Redactors only process **structured fields** in the log envelope.
PII embedded in the message string will pass through unchanged.

```python
# UNSAFE - email will NOT be redacted
logger.info(f"User {email} logged in")

# SAFE - email field will be redacted
logger.info("User logged in", email=email)
```

See [PII Showing Despite Redaction](../../troubleshooting/pii-showing-despite-redaction.md)
for more details.

Contract

Implement BaseRedactor.redact(entry: dict) -> dict (async). Return the updated entry; contain errors so the pipeline continues.

Built-in redactors

• field-mask: masks configured field names (from sensitive_fields_policy).

• regex-mask: masks values matching sensitive patterns (default regex covers common secrets).

• url-credentials: strips credentials from URL-like strings.

• field-blocker: blocks high-risk field names (e.g., body, payload) by replacing their values entirely. See FieldBlockerRedactor.

• string-truncate: truncates string values exceeding a configured length and appends a [truncated] marker. Disabled by default. See StringTruncateRedactor.

Configuration

• Enable/disable: FAPILOG_CORE__ENABLE_REDACTORS

• Order: FAPILOG_CORE__REDACTORS_ORDER

• Guardrails: FAPILOG_CORE__REDACTION_MAX_DEPTH, FAPILOG_CORE__REDACTION_MAX_KEYS_SCANNED

• Sensitive fields: FAPILOG_CORE__SENSITIVE_FIELDS_POLICY

Redactors run after enrichers and before sinks.