Azure Front Door log scrubbing tool helps you remove sensitive data (e.g. personal identifiable information) from your Azure Front Door access logs. It works by enabling log scrubbing at Azure Front Door profile level and selecting the log fields to be scrubbed. Once enabled, the tool scrubs that information from your logs generated under this profile and replaces it with “****”.
Normally, when a request is served by Azure Front Door, Azure Front Door logs the details of the request in clear text. Sensitive data might be included in the request URL (such as customer passwords), and client IP and socket IP are logged. These data are viewable by anyone with access to the Azure Front Door access logs. To protect customer data, you can set up log scrubbing rules targeting this sensitive data for protection.