Anonymize client IP for logging
Strip the last octet or compute a hash of client IP address for anonymization.
VCL
Use this solution in your VCL service (click RUN below to test this solution or clone it to make changes):
Compute@Edge
Use this solution in your Compute@Edge service:
- Rust
const KEEP_IPV4_BYTES: usize = 3;const KEEP_IPV6_BYTES: usize = 6; if let Some(ip) = req.get_client_ip_addr() { let anon = anonymize(&ip); log::info!("IP {} anonymized to {}", ip, anon); } else { log::info!("could not find client ip"); }fn anonymize(ip: &IpAddr) -> IpAddr { match ip { IpAddr::V4(ip) => { let mut o = ip.octets(); o[KEEP_IPV4_BYTES..].copy_from_slice(&[0; 4 - KEEP_IPV4_BYTES]); IpAddr::V4(o.into()) } IpAddr::V6(ip) => { let mut o = ip.octets(); o[KEEP_IPV6_BYTES..].copy_from_slice(&[0; 16 - KEEP_IPV6_BYTES]); IpAddr::V6(o.into()) } }}