Anonymizing nextcloud logs

Hi there,
is there a way for anonymizing the logs in nextcloud? Regarding data privacy we don’t want to save the full ip address of every client but for other reasons we need to save the nextcloud log and the audit log.

Yesterday I searched but unfortunately didn’t find a working solution

Nextcloud Version is 25.0.4
PHP Version is : 8.1

it’s pointless to save logs without IP addresses but it’s your wish…

I think you can’t do this by default… so it requires some post-processing. thankfully nextcloud.log and audit.log are stored in JSON format and you can easily parse them using jq command… you can easily choose to only display required logs fields and omit IP addresses at all (but in audit logs you will see an acting user as well so the IP address is likely less PII than username)

see an example

1 Like

I had similar thoughts, my preferred solution would be to use a salted hash function to mask IP addresses.
This would still allow comparisons of multiple requests regarding their origin and it allows searching for specific IPs too.

If OPs goal is to comply with privacy regulations, than post-processing could not suffice as an solution if the log containing the IP was written to disc and altered afterwards.
Certain privacy/ security standards define information stored in a way that means “data written to disc”. In these situations, if the post-processing happens fully in RAM the solution would suffice, if the post-processing is done on a log that has already been written to disc nothing has changed.