Logging security in Speech Server diagnostic logs

By default, the diagnostic logs suppress any items to which a secure context applies. However, at detailed levels of diagnostic logging, the nss.log file may still include URIs and MRCP messages that contain sensitive information but are not affected by the swirec.secure_context and switts.secure_context properties.

To account for diagnostic logging security, Voice Platform offers several service properties that you can set on the Speech Server to suppress items from being written to the nss.log diagnostic log file. This section provides a brief description of them.

Of the four service properties described here, only server.log.suppressSensitiveDiagLogs is enabled by default. To apply the others, you must enable them explicitly via the Management Station.

Hiding low-level content

The following service properties affect the diagnostic logging of low-level items (that is, items that are logged even when the logging level does not support much detail):

  • server.log.suppressSensitiveDiagLogs enables logging security in the nss.log diagnostic log, so swirec.secure_context and switts.secure_context are applied to items as specified in the VoiceXML application. This property is enabled by default. Do not disable it unless requested by Nuance technical support for troubleshooting purposes.
  • server.log.suppressSensitiveURIs suppresses URIs from appearing in the diagnostic log, so any sensitive information in them (for example, a key-value pair that includes a credit card number) is not exposed. In order to enable this service property, the server.log.suppressSensitiveDiagLogs service property must be enabled.

Each of these service properties takes a value of 1 (enabled) or 0 (disabled).

Hiding content of MRCP messages

If you have set the diagnostic level to log a high level of detail (for example, VD_INFO), MRCP messages are written to the nss.log file. Since these messages are not parsed before they are logged, it is not possible to determine whether a secure context applies to them. As a result, they may contain sensitive information that is then exposed in the nss.log file.

There are two service properties that suppress the content of MRCP messages:

  • server.log.secureDiagLogOSRcontext suppresses the content of DEFINE-GRAMMAR, RECOGNIZE, INTERPRET, and RECOGNITION-COMPLETE MRCP messages.
  • server.log.secureDiagLogTTScontext suppresses the content of SPEAK MRCP messages.

Each of these service properties takes a value of 1 (enabled) or 0 (disabled).

When enabled, these service properties suppress the content of the specified types of MRCP messages. The nss.log file still includes an entry for each such message, but the content of the message is left blank, so as not to expose any sensitive information.

Note: Be aware that these two service properties affect all messages of the specified type, regardless of the secure context setting that applies to the corresponding item in the VoiceXML application.
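The following audit sketch covers both sections above: it checks the four service properties for the prerequisite between the two low-level properties and for MRCP content left exposed at detailed logging levels. It is an added example, not Nuance code; the name=value input format, the sample values, and the function names are assumptions, since the page only states that the properties are set via the Management Station.

```python
# Added example (not vendor code): audit the four nss.log suppression properties.
# Assumption: settings were copied out as "name=value" lines (hypothetical format).
BASE = "server.log.suppressSensitiveDiagLogs"
URIS = "server.log.suppressSensitiveURIs"
OSR = "server.log.secureDiagLogOSRcontext"
TTS = "server.log.secureDiagLogTTScontext"
DEFAULTS = {BASE: 1, URIS: 0, OSR: 0, TTS: 0}  # defaults as stated on the page
MRCP_COVERAGE = {OSR: "DEFINE-GRAMMAR, RECOGNIZE, INTERPRET, RECOGNITION-COMPLETE",
                 TTS: "SPEAK"}
SAMPLE = """\
# constructed sample, not from a real deployment
server.log.suppressSensitiveDiagLogs=1
server.log.suppressSensitiveURIs=1
server.log.secureDiagLogOSRcontext=1
"""

def parse_settings(text):
    """Return (settings, errors); properties not listed keep their defaults."""
    settings, errors = dict(DEFAULTS), []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, sep, value = (part.strip() for part in line.partition("="))
        if name not in DEFAULTS:
            continue  # not one of the four properties discussed here
        if not sep or value not in ("0", "1"):
            errors.append(f"{name}: value must be 0 or 1, got {value!r}")
            continue
        settings[name] = int(value)
    return settings, errors

def audit(settings, logs_mrcp_messages):
    """List exposures; logs_mrcp_messages is True at detailed levels (e.g. VD_INFO)."""
    findings = []
    if not settings[BASE]:
        findings.append("secure contexts are not applied to nss.log")
    if not settings[URIS]:
        findings.append("URIs are written to nss.log")
    elif not settings[BASE]:
        findings.append(f"{URIS} is set but its prerequisite {BASE} is not")
    if logs_mrcp_messages:  # MRCP messages only reach the log at detailed levels
        for name, messages in MRCP_COVERAGE.items():
            if not settings[name]:
                findings.append(f"content of {messages} messages is written to nss.log")
    return findings

if __name__ == "__main__":
    print(audit(parse_settings(SAMPLE)[0], logs_mrcp_messages=True))
```
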