Include redaction

Author: mariamgerges

aspnetcore/fundamentals/http-logging/index.md

@@ -33,6 +33,7 @@ HTTP logging ***can reduce the performance of an app***, especially when logging
 
 > [!WARNING]
 > HTTP logging can potentially log personally identifiable information (PII). Consider the risk and avoid logging sensitive information.
+> For more information about redaction, check [redacting sensitive data](#redacting-sensitive-data)
 
 ## Enable HTTP logging
 
@@ -205,3 +206,89 @@ The following list shows the order of precedence for logging configuration:
 :::moniker-end
 
 [!INCLUDE[](~/fundamentals/http-logging/includes/index-6-7.md)]
+
+## Redacting sensitive data
+
+Http logging with redaction can be enabled by calling <xref:Microsoft.Extensions.DependencyInjection.HttpLoggingServiceCollectionExtensions.AddHttpLoggingRedaction>.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet6&highlight=6)]
+
+For more information about .NET's data redaction library, see [Data redaction in .NET](data-redaction.md).
+
+## Logging redaction options
+
+To configure options for logging with redaction, call <xref:Microsoft.Extensions.DependencyInjection.HttpLoggingServiceCollectionExtensions.AddHttpLoggingRedaction> in `Program.cs`, using the lambda to configure <xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions>.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions)]
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/MyTaxonomyClassifications.cs)]
+
+Given this configuration, this is the expected output:
+
+```output
+info: Microsoft.AspNetCore.HttpLogging.HttpLoggingMiddleware[9]
+      Request and Response:
+      server.address: localhost:61361
+      Path: /
+      http.request.header.accept:
+      Protocol: HTTP/2
+      Method: GET
+      Scheme: https
+      http.response.header.content-type:
+      StatusCode: 200
+      Duration: 8.4684
+info: Microsoft.AspNetCore.Hosting.Diagnostics[2]
+      Request finished HTTP/2 GET https://localhost:61361/ - 200 - text/plain;+charset=utf-8 105.5334ms
+```
+
+> [!NOTE]
+> Request path `/home` is not logged because it is included in `ExcludePathStartsWith` property.
+> `http.request.header.accept` and `http.response.header.content-type` were redacted by the <xref:Microsoft.Extensions.Compliance.Redaction.ErasingRedactor>.
+
+### `RequestPathLoggingMode`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.RequestPathLoggingMode> determines how the request path is logged, whether `Formatted` or `Structured`.
+
+* <xref:Microsoft.AspNetCore.Diagnostics.Logging.IncomingPathLoggingMode.Formatted> logs the request path without parameters.
+* <xref:Microsoft.AspNetCore.Diagnostics.Logging.IncomingPathLoggingMode.Structured> logs the request path with parameters included.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=9)]
+
+### `RequestPathParameterRedactionMode`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.RequestPathParameterRedactionMode> specifies how route parameters in the request path should be redacted, whether `Strict` or `None`.
+
+* <xref:Microsoft.AspNetCore.Diagnostics.Logging.HttpRouteParameterRedactionMode.Strict>: request route parameters are considered as sensitive and are redacted by default.
+* <<xref:Microsoft.AspNetCore.Diagnostics.Logging.HttpRouteParameterRedactionMode.None>: request route parameters are considered as non-sensitive and logged as-is by default.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=8)]
+
+### `RequestHeadersDataClasses`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.RequestHeadersDataClasses> maps request headers to their data classification, which determines how they are redacted.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=10)]
+
+### `ResponseHeadersDataClasses`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.ResponseHeadersDataClasses> similar to <xref:responseheadersdataclasses>, but for response headers.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=11)]
+
+### `RouteParameterDataClasses`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.RouteParameterDataClasses> maps route parameters to their data classification.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=12,13,14,15)]
+
+### `ExcludePathStartsWith`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.ExcludePathStartsWith> specifies paths that should be excluded from logging entirely.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=16,17)]
+
+### `IncludeUnmatchedRoutes`
+
+<xref:Microsoft.AspNetCore.Diagnostics.Logging.LoggingRedactionOptions.IncludeUnmatchedRoutes> allows you to report unmatched routes.
+If set to true, it will log whole path of routes not identified by ASP.NET Routing instead of logging `Unknown` value for path attribute.
+
+[!code-csharp[](~/fundamentals/http-logging/samples/8.x/Program.cs?name=snippet_redactionOptions&highlight=18)]