From 58b1cb60e8ff4472c179b198eefc9dd79144a18d Mon Sep 17 00:00:00 2001
From: Ken Liao <kenliao94@gmail.com>
Date: Fri, 16 Aug 2024 16:19:56 -0700
Subject: [PATCH] Add faq for redacting sensitive info on audit log

---
 src/components/classic/documentation/faq.md   |  1 +
 ...w-to-redact-sensitive-info-on-audit-log.md | 22 +++++++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 src/components/classic/documentation/how-to-redact-sensitive-info-on-audit-log.md

diff --git a/src/components/classic/documentation/faq.md b/src/components/classic/documentation/faq.md
index 7563ce8ed7..b5062e02ec 100644
--- a/src/components/classic/documentation/faq.md
+++ b/src/components/classic/documentation/faq.md
@@ -139,6 +139,7 @@ Questions on configuring ActiveMQ Classic's JMS client or the Message Broker
 *   [How to configure a new database](how-to-configure-a-new-database)
 *   [How to deploy activemq-ra-version.rar to weblogic](how-to-deploy-activemq-ra-versionrar-to-weblogic)
 *   [How to disable multicast discovery](how-to-disable-multicast-discovery)
+*   [How to redact sensitive info on audit log](how-to-redact-sensitive-info-on-audit-log)
 
 ### Persistence Questions
 
diff --git a/src/components/classic/documentation/how-to-redact-sensitive-info-on-audit-log.md b/src/components/classic/documentation/how-to-redact-sensitive-info-on-audit-log.md
new file mode 100644
index 0000000000..0f63d5a4eb
--- /dev/null
+++ b/src/components/classic/documentation/how-to-redact-sensitive-info-on-audit-log.md
@@ -0,0 +1,22 @@
+---
+layout: default_md
+title: How to redact sensitive info on audit log
+title-class: page-title-classic
+type: classic
+---
+
+ [FAQ](faq) > [Configuration](configuration) > [How to redact sensitive info on audit log](how-to-redact-sensitive-info-on-audit-log)
+
+To reduce sensitive information on audit log, such as hiding JMSText (which shows the message you sent to the destination if you do it via the web console), you can change the audit log pattern. For instance, if you want to hide JMSText, you change this line of the log4j2.properties of broker configuration
+
+Replace
+```
+appender.auditlog.layout.type=PatternLayout
+appender.auditlog.layout.pattern=%-5p | %m | %t%n
+```
+
+With
+```
+appender.auditlog.layout.type=PatternLayout
+appender.auditlog.layout.pattern=%-5p | %replace{%m}{JMSText='(.*)'}{<redacted>} | %t%n
+```
\ No newline at end of file