<div dir="ltr">The PCI-DSS (Payment Card Industry Data Security Standard) requires encryption, not merely permission restriction, for sensitive data. Hence I'm looking at the DTMF logging which can probably be easily re-patterned back into the digits, the curl POST which also shows everything in the log, the dialed_digits in a standard xml_cdr.. <div>
Otherwise, afaik, lua won't log things unless you explicitly tell it to.</div><div><br></div><div>Any suggestions other than setting the entire switch to fsctl loglevel 6 and not storing the xml_cdrs in their raw form?</div>
<div><br clear="all"><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif"><span style="font-size:small">-Avi</span></span></div><br><div class="gmail_quote">On Wed, May 30, 2012 at 8:11 PM, Michael Collins <span dir="ltr"><<a href="mailto:msc@freeswitch.org" target="_blank">msc@freeswitch.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">If it's a compliance issue then I'd triple-check to make sure that no one unauthorized can get to any of your FS logs or CDR data. I suspect that logging vs. not logging dialed_digits is not a make-or-break proposition. If you're doing xml_cdrs then you've probably got that same data in other log lines.<span class="HOEnZb"><font color="#888888"><br>
<br>-MC</font></span><div class="HOEnZb"><div class="h5"><br><br><div class="gmail_quote">On Wed, May 30, 2012 at 9:08 AM, Patrick Lists <span dir="ltr"><<a href="mailto:freeswitch-list@puzzled.xs4all.nl" target="_blank">freeswitch-list@puzzled.xs4all.nl</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 30-05-12 17:48, Michael Collins wrote:<br>
> And.. similarly is there a way to blank out the var digits_dialed in<br>
> the xml_cdr, from within FS, before the end of the call?<br>
><br>
> Why do you need to clear it out? What information does it collect that<br>
> you don't need?<br>
<br>
Since it's credit card data I can imagine Avi does not want it logged<br>
for security purposes.<br>
<br>
Regards,<br>
Patrick<br></blockquote></div><br>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
Join Us At ClueCon - Aug 7-9, 2012<br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>