Masking sensitive data in SIP messages
Starting with version 8.1.102.51, SIP Server can mask sensitive data in SIP messages. When enabled, SIP Server replaces:
- All private SIP header values with a single asterisk
- SIP message body content with the phrase CONTENT FILTERED
SIP Server does not replace the content of type application/sdp, and it replaces application/vnd.radisys.msml+xml in the SIP message body only when it contains user data.
Starting with version 8.1.103.88, SIP Server can mask specific SIP headers contained in SIP Server logs. The x-sip-unmask-headers enables this feature.
Feature Configuration
To enable masking sensitive data in SIP messages, set the x-sip-mask-sensitive-data configuration option to true in the [log] section of the SIP Server Application.
Configuration Options
x-sip-mask-sensitive-data
Setting: [log] section, Application level
Default Value: false
Valid Values: true, false
Changes Take Effect: Immediately
Specifies whether SIP Server masks sensitive data in SIP messages contained in SIP Server logs.
- If set to true, SIP Server masks all private SIP header values and SIP message body content of all types, except for application/sdp and application/vnd.radisys.msml+xml. If the message contains application/vnd.radisys.msml+xml, SIP Server masks it only when it contains user data.
- If set to false, SIP Server does not mask sensitive data in SIP messages contained in SIP Server logs.
x-sip-unmask-headers
Setting: [log] section, Application level
Default Value: No default value
Valid Values: A list of comma-separated SIP headers
Changes Take Effect: Immediately
Specifies SIP headers that SIP Server masks in SIP messages contained in SIP Server logs.