How do I scan logs for secrets before sharing?

Short answer: Scan the log text for key, token, secret, cookie, private key, and connection-string patterns, then replace values with stable placeholders before sharing.

Steps

1. Paste the smallest log or config snippet needed for review.
2. Look for API keys, bearer tokens, cookies, private keys, and database URLs.
3. Replace sensitive values with placeholders that preserve shape but remove the secret.
4. Rotate any credential that was already shared outside a trusted boundary.

Related tools