Securing Logger Configuration

I have the following code within an Azure function which i used for Logging . SonarQube is complaining that the logger’s configuration in non secure.

 public override void Configure(IFunctionsHostBuilder builder)
             //Application logging


What can i do to fix this ?

Hey there.

What version of SonarQube are you using?

Hello, We are using

  • Enterprise Edition
  • Version 9.9 (build 65466)


This is a security hotspot requesting review – not a vulnerability that SonarQUbe is “complaining about”.

With hotspots, we try to give some freedom to users and educate them on how to choose the most relevant/appropriate protections depending on the context (for example, budgets and threats).

So if you’re sure the logging configuraiton is safe, you can mark the hotspot as Safe.

1 Like

Thanks for the clarification.