2026-05-24 04:49:49 网络安全文章来源：ZONE.CI 全球网 0 阅读模式

文章总结： 本文介绍了Java日志脱敏的必要性及四种主流实现方案，重点阐述基于日志框架的自定义PatternLayout和Log4j2RewriteAppender两种推荐方案。文章对比各方案的侵入性、维护成本与适用场景，给出正则替换规则及完整代码示例。结论建议优先采用无侵入的集中式脱敏方案以平衡安全性与维护成本。 综合评分： 92 文章分类： 数据安全,应用安全,安全开发,安全工具,解决方案

cover_image

Java 日志脱敏方案落地实践

原创

静观云起静观云起

码云精炼

2026年5月24日 00:38 广东

在小说阅读器读本章

去阅读

一为什么需要做日志脱敏？

在金融、电商、医疗等业务系统中，日志是排查问题的核心依据，但同时也可能成为数据泄露的“重灾区”。日志中可能包含手机号、身份证号、银行卡号、密码、Token等敏感信息，若直接明文打印，一旦日志文件被非法访问(如服务器被入侵、内部人员越权查看)，将导致严重的合规风险(违反《个人信息保护法》《数据安全法》)和用户隐私泄露。因此，对日志中的敏感字段进行脱敏处理，是Java系统生产环境必备的安全防护手段。

二常见脱敏场景

| | | | | — | — | — | | 敏感类型 | 示例 | 典型脱敏规则 | | 手机号 | 13812345678 | 保留前3后4,138****5678 | | 身份证号 | 110101199901011234 | 保留前6后4,110101********1234 | | 银行卡号 | 6225880256888888 | 保留后4位： ************8888 | | 邮箱 | [email protected] | 保留前缀首字母+域名： z***@test.com | | 密码/token | sk_live_abc123xyz | 全量替换为 ****** |

三主流实现方案

✅ 方案一：基于日志框架的自定义PatternLayout(推荐)

适用场景：Logback/Log4j2,集中式统一脱敏

核心思路：在日志序列化阶段拦截，对日志内容进行正则匹配并替换。

自定义实现类：

public&nbsp;class&nbsp;SensitiveMaskingLayout&nbsp;extends&nbsp;PatternLayout&nbsp;{&nbsp;&nbsp;&nbsp; &nbsp;private&nbsp;static&nbsp;final&nbsp;List<Pattern>&nbsp;SENSITIVE_PATTERNS&nbsp;=&nbsp;List.of(&nbsp;&nbsp; &nbsp;Pattern.compile("(\\d{3})\\d{4}(\\d{4})",&nbsp;// 手机号&nbsp;&nbsp; &nbsp;Pattern.compile("(\\d{6})\\d{8}(\\d{4})"),&nbsp;// 身份证号&nbsp; &nbsp;&nbsp; &nbsp;@Override&nbsp;&nbsp; &nbsp;public&nbsp;String&nbsp;doLayout(ILoggingEvent&nbsp;event) {&nbsp;&nbsp; &nbsp; &nbsp;String&nbsp;message =&nbsp;super.doLayout(event);&nbsp;&nbsp; &nbsp; &nbsp;return&nbsp;mask(message);&nbsp;&nbsp; &nbsp;}&nbsp;&nbsp;&nbsp; &nbsp;private&nbsp;String&nbsp;mask(String&nbsp;text) {&nbsp;&nbsp; &nbsp; &nbsp;String&nbsp;result = text;&nbsp;&nbsp; &nbsp; &nbsp;for&nbsp;(Pattern&nbsp;pattern :&nbsp;SENSITIVE_PATTERNS) {&nbsp;&nbsp; &nbsp; &nbsp; &nbsp;result = pattern.matcher(result) .replaceAll("$1****$2");&nbsp;&nbsp; &nbsp; &nbsp;}&nbsp;&nbsp; &nbsp; &nbsp;return&nbsp;result;&nbsp;&nbsp; &nbsp;}&nbsp;&nbsp;}

logback.xml配置

<encoder&nbsp;class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">&nbsp;&nbsp; <layout&nbsp;class="com.xxx.SensitiveMaskingLayout">&nbsp;&nbsp; &nbsp; &nbsp;<pattern>%d{yyyy-MM-dd HH:mm:ss}&nbsp;%-5level&nbsp;%logger&nbsp;- %msg%n&nbsp; &nbsp; &nbsp;</pattern>&nbsp;&nbsp; &nbsp;</layout>&nbsp;</encoder>

✅ 优点：无侵入、一次配置全局生效

❌ 缺点：正则复杂时可能影响性能

✅ 方案二：基于SLF4J MDC + 注解 + AOP

适用场景：仅对特定业务参数脱敏(如接口入参)

实现思路：

使用注解标记敏感字段

@Sensitive(type&nbsp;=&nbsp;SensitiveType.MOBILE)&nbsp;private&nbsp;String&nbsp;phone;

通过AOP在方法执行前对参数脱敏；

将脱敏后的数据放入MDC，日志中引用。

✅ 优点：精准控制、适合业务参数

❌ 缺点：侵入代码、维护成本高

✅ 方案三：日志脱敏工具类(最轻量)

适用场景：临时方案或局部日志处理

public&nbsp;class&nbsp;DesensitizeUtil&nbsp;{&nbsp;&nbsp;&nbsp;public&nbsp;static&nbsp;String&nbsp;mobile(String&nbsp;mobile) {&nbsp;&nbsp; &nbsp; &nbsp;return&nbsp;mobile ==&nbsp;null&nbsp;?&nbsp;null&nbsp;:&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; mobile.replaceAll("(\\d{3})\\d{4}(\\d{4})",&nbsp;"$1****$2");&nbsp;&nbsp; &nbsp; &nbsp;}&nbsp;}

// 引用工具类log.info("用户手机号：{}",DesensitizeUtil.mobile(user.getPhone()));

✅ 优点：简单直观

❌ 缺点：容易遗漏、不可控

✅ 方案四：Log4j2 RewriteAppender(企业级推荐)

Log4j2 原生支持日志重写，可在不修改业务代码的前提下完成脱敏

引入依赖log4j2:

<dependency>&nbsp; &nbsp;&nbsp;<groupId>org.apache.logging.log4j</groupId>&nbsp; &nbsp;&nbsp;<artifactId>log4j-core</artifactId>&nbsp; &nbsp;&nbsp;<version>2.24.1</version></dependency>
<dependency>&nbsp; &nbsp;&nbsp;<groupId>org.apache.logging.log4j</groupId>&nbsp; &nbsp;&nbsp;<artifactId>log4j-api</artifactId>&nbsp; &nbsp;&nbsp;<version>2.24.1</version></dependency>

自定义RewritePlolicy:

package com.xxx.log;
import&nbsp;org.apache.logging.log4j.core.LogEvent;import&nbsp;org.apache.logging.log4j.core.appender.rewrite.RewritePolicy;import&nbsp;org.apache.logging.log4j.core.config.plugins.Plugin;import&nbsp;org.apache.logging.log4j.core.config.plugins.PluginFactory;
import&nbsp;java.util.regex.Matcher;import&nbsp;java.util.regex.Pattern;
@Plugin(name =&nbsp;"SensitiveRewritePolicy",&nbsp; &nbsp; &nbsp; &nbsp; category =&nbsp;"Core",&nbsp; &nbsp; &nbsp; &nbsp; elementType =&nbsp;"rewritePolicy")public&nbsp;class&nbsp;SensitiveRewritePolicy&nbsp;implements&nbsp;RewritePolicy&nbsp;{
&nbsp; &nbsp;&nbsp;/** 手机号 */&nbsp; &nbsp;&nbsp;private&nbsp;static&nbsp;final&nbsp;Pattern&nbsp;MOBILE&nbsp;=&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Pattern.compile("(?<=\\d{3})\\d{4}(?=\\d{4})");
&nbsp; &nbsp;&nbsp;/** 身份证 */&nbsp; &nbsp;&nbsp;private&nbsp;static&nbsp;final&nbsp;Pattern&nbsp;ID_CARD&nbsp;=&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Pattern.compile("(?<=\\d{6})\\d{8}(?=\\d{4})");
&nbsp; &nbsp;&nbsp;@Override&nbsp; &nbsp;&nbsp;public&nbsp;LogEvent&nbsp;rewrite(LogEvent&nbsp;logEvent) {&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;if&nbsp;(logEvent ==&nbsp;null) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;return&nbsp;logEvent;&nbsp; &nbsp; &nbsp; &nbsp; }
&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;String&nbsp;message = logEvent.getMessage().getFormattedMessage();&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;String&nbsp;masked =&nbsp;mask(message);
&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;return&nbsp;new&nbsp;Log4jLogEvent.Builder(logEvent)&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .setMessage(new&nbsp;SimpleMessage(masked))&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; .build();&nbsp; &nbsp; }
&nbsp; &nbsp;&nbsp;private&nbsp;String&nbsp;mask(String&nbsp;text) {&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Matcher&nbsp;m1 =&nbsp;MOBILE.matcher(text);&nbsp; &nbsp; &nbsp; &nbsp; text = m1.replaceAll("****");&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;Matcher&nbsp;m2 =&nbsp;ID_CARD.matcher(text);&nbsp; &nbsp; &nbsp; &nbsp; text = m2.replaceAll("********");&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;return&nbsp;text;&nbsp; &nbsp; }
&nbsp; &nbsp;&nbsp;@PluginFactory&nbsp; &nbsp;&nbsp;public&nbsp;static&nbsp;SensitiveRewritePolicy&nbsp;createPolicy() {&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;return&nbsp;new&nbsp;SensitiveRewritePolicy();&nbsp; &nbsp; }}

log4j.xml配置

<?xml version="1.0"&nbsp;encoding="UTF-8"?><Configuration&nbsp;status="WARN">
&nbsp; &nbsp;&nbsp;<Appenders>&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<!-- 原始文件Appender -->&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<RollingFile&nbsp;name="FILE"&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;fileName="/logs/app.log"&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;filePattern="/logs/app-%d{yyyy-MM-dd}.log.gz">&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<PatternLayout&nbsp;pattern="%d{HH:mm:ss} [%t] %-5p %c - %m%n"/>&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</RollingFile>
&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<!-- RewriteAppender -->&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<Rewrite&nbsp;name="REWRITE">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<AppenderRef&nbsp;ref="FILE"/>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<RewritePolicy&nbsp;ref="SensitiveRewritePolicy"/>&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</Rewrite>&nbsp; &nbsp;&nbsp;</Appenders>
&nbsp; &nbsp;&nbsp;<Loggers>&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<Root&nbsp;level="info">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<AppenderRef&nbsp;ref="REWRITE"/>&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</Root>&nbsp; &nbsp;&nbsp;</Loggers>
</Configuration>

四总结

| | | | | | — | — | — | — | | 方案 | 侵入性 | 维护成本 | 推荐指数 | | 自定义Layout | ⭐ | ⭐⭐ | ⭐⭐⭐⭐ | | AOP + 注解 | ⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐⭐ | | 工具类 | ⭐⭐ | ⭐⭐ | ⭐⭐ | | RewriteAppender | ⭐ | ⭐⭐ | ⭐⭐⭐⭐ |

免责声明：

本文所载程序、技术方法仅面向合法合规的安全研究与教学场景，旨在提升网络安全防护能力，具有明确的技术研究属性。

任何单位或个人未经授权，将本文内容用于攻击、破坏等非法用途的，由此引发的全部法律责任、民事赔偿及连带责任，均由行为人独立承担，本站不承担任何连带责任。

本站内容均为技术交流与知识分享目的发布，若存在版权侵权或其他异议，请通过邮件联系处理，具体联系方式可点击页面上方的联系我。

本文转载自：码云精炼静观云起静观云起《Java 日志脱敏方案落地实践》