CX masks Personally Identifiable Information (PII) in all application logs to protect customer and agent data. Masking ensures that sensitive fields — such as names, contact details, and conversation content — never appear in plain text in system logs, supporting your data privacy and compliance obligations.
What Changed in CX 5.5.0
Prior to CX 5.5.0, the log masking configuration was overly broad — several non-PII fields were masked alongside genuine personal data. This reduced log readability and made troubleshooting slower for operations and support teams.
From CX 5.5.0, masking patterns have been refined to target only fields that genuinely contain personal data. Non-sensitive operational and diagnostic fields now appear in plain text, giving ops and support teams clearer logs without reducing compliance coverage.
|
|
Before CX 5.5.0 |
From CX 5.5.0 |
|---|---|---|
|
Scope |
Broad — PII and non-PII fields masked |
Targeted — PII-only fields masked |
|
Log readability |
Reduced — diagnostic fields obscured |
Improved — operational data visible |
|
Compliance coverage |
Maintained |
Maintained |
Fields Masked in Logs
The following categories contain fields that CX masks in application logs. Masking applies to fields classified as Strict PII — direct or quasi-identifiers that can identify a natural person.
|
Data Category |
Examples of Masked Fields |
|---|---|
|
CIM Message — Customer |
Customer first name, last name, phone number, email, channel identifiers |
|
CIM Message — Conversation Content |
Message body text, contact cards, media URLs, email content |
|
Agent Identity |
Agent display name, username |
|
Bot Data |
Raw customer text sent to bots, bot-generated responses |
|
Channel Data |
Channel-specific customer identifiers |
|
Socket Events |
Full CIM message payloads within WebSocket events |
Fields that carry system metadata, configuration values, status enums, boolean flags, timestamps, or internal technical identifiers are not masked — these appear in plain text from CX 5.5.0 onwards.
Applying the Updated Masking Configuration
The logback configmap replacement steps required to activate the updated masking patterns are included as part of the Core Helm chart deployment in the upgrade guide below. No separate action is required outside of the standard upgrade process.
If you are upgrading from CX 5.4.0, follow the CX 5.4.0 → CX 5.5.0 Upgrade Guide — the logback configmap steps are embedded in Step 3 (Deploy the Core Helm chart). Completing the standard upgrade automatically applies the refined masking patterns.