Add or edit log enhancers

Log enhancers are instrumentation instructions that allow the Contrast agent to log additional parameters and data in the application without requiring any source code changes. By using these deep security instrumentation techniques, a user can specify the API and parameter to log, and the Contrast agent adds this information to the security.log file as part of RASP logging.

To add, edit or delete a log enhancer:

  1. Under policy management, select Log enhancers.

  2. Filter by language, or use the search to find the existing log enhancer you want to edit and select the name, or select Add Log Enhancer. Use the toggles in the grid row to enable or disable the rule in each environment.

  3. In the panel that opens, enter a Name and Description.

    • Name

    • Description

    • Log level

    • Log type

    • Language

    • API: Use the structure <class_name>.<method_name>(<argument_types>). For example:

      public boolean com.acme.Authenticator.authenticate(String user, String password)
    • Format: Enter the log description, including relevant data from the function call. You can include any of the following placeholders in your message:

      • {O}: Print the String-ified version of the Object on which this call is made. If the method is static, this may be null or empty.

      • {Pn}: Print the given parameter at index n. Note that n is zero-based.

      • {P1}: Print the the first parameter into the message.

      • {R}: Print the return value of the function.

  4. Click Add to save the rule.