.NET SDK and scrubbing sensitive data

I’m working on a webapp (.NET Framework 4.7) that currently uses the Raven client for Sentry. I am trying to move us off that to the new .NET SDK.

In the Raven client, we used LogScrubbers which executed some of our scrubbing code against the JSON when the HttpRequester.RequestAsync() method was called (if I’m reading the Raven source correctly).

The new SDK has a BeforeSend capability that allows a callback (my code) to be executed however at that point I only have the SentryEvent, not serialized JSON. I don’t think that the new SDK has any extension points further along the processing pipeline than BeforeSend.

Is the recommended approach to replicate the legacy LogScrubber capability for me to take the SentryEvent and handle the scrubbing on any public properties (and their sub-properties) or is there something that I am missing?



You are right that in the new SDK the extensibility point for scrubbing data on the client is BeforeSend. You could also add a EventProcessor but BeforeSend is really the last thing that runs before the event is serialized and sent to Sentry.

At that point you have access to the structured data which is simpler to inspect, specially in a statically typed language. In the case of the serialized JSON you’d be doing manipulating/regex on a rather large string but I understand that’s the solution you already have. If moving over to inspecting SentryEvent isn’t an option, one last option would be to implement your own Transport. For example copying the current HttpTransport and adding the PII stripping in between serialization and creating the HttpMessage. We could also consider making the transport public and marking that method virtual to add an extensibility point.

Would this work? Cheers


Yup - that sounds like the best approach.