Hi all. I’ve been working on creating an Encrypted Logger handler for use with prefect 2, where logs can be encrypted with a locally stored key before being uploaded. This removes one of the potential leakages of data from secure systems when using Prefect, namely log messages containing sensitive data/paths/etc can end up being held in Prefect Cloud.
(I’m aware of log filtering as an alternative option, but then monitoring why processes have failed becomes harder, and loses some of the other benefits of prefect cloud)
I’ve also created a custom Chrome web extension to allow the data to be decrypted again - this is done via client-side decryption with the local key, so again the data is not shared.
The results of logging a flow with the Encrypted Logger look like:
I think this will work very well for our use case, but interested to know if others would also find helpful and if it would be worth adding as a new feature / pull request?