When talking about Personal Identifiable Information (PII) we are talking about strong and weak user identifiers. A strong identity for example is a username or email address. Weak identity is an IP address, browser user agent, cookie, or session id. A combination of weak identifiers gives us a strong user identifier.
When saving log events, you can not simply save the customer IP address, browser user agent, or cookie id in the web server or cloud log. Saving personal records as-is in logs makes your system not privacy-compliant unless you do one of the following:
What is so special about the Databunker session token?
Databunker can generate a special session token to save in the server logs files. Databunker provides you an additional API to make session info accessible without an additional password for a limited time. For example one month.
For an in-depth review of different methods to make your logs GDPR compliant take a look at the following article:
https://www.freecodecamp.org/news/how-to-stay-gdpr-compliant-with-access-logs/
The service live demo is available at https://demo.databunker.org/
Demo user credentials:
The easiest way to get started with Databunker is to run it as a Docker container:
docker run -p 3000:3000 -d --rm --name dbunker securitybunker/databunker demo
This command starts a local container with a DEMO
root access key. You can use it for the development or testing purposes. For a production installation, follow this installation guide.
You can interact with Databunker using:
3000
: localhost:30003000
: localhost:3000curl -s http://localhost:3000/v1/user -X POST -H "X-Bunker-Token: DEMO" \
-H "Content-Type: application/json" \
-d '{"first":"John","last":"Doe","login":"john","phone":"4444","email":"user@gmail.com"}'
curl -s -H "X-Bunker-Token: DEMO" -X GET http://localhost:3000/v1/user/email/user@gmail.com
curl -s -H "X-Bunker-Token: DEMO" -X GET http://localhost:3000/v1/user/login/john
For a full list of commands, follow the API document.