44.2 Logging policies: what to store and redact

Overview and links for this section of the guide.

On this page

The Log Risk

If you log the prompt "My password is 123", your logging provider (Datadog/Splunk) now has your password.

Redact logs at the source. `logger.info("Prompt sent", prompt.replace(pii_regex, "***"))`

Do not log full RAG contexts. They are huge and contain secrets. Log the Document IDs instead.