
How to Secure E‑commerce Copilot Logs with SLS Masking and LoongCollector

This article explains how to protect sensitive user data in e‑commerce chatbot logs by routing all service logs through LoongCollector, pushing them to Alibaba Cloud SLS, and applying built‑in and keyword‑based mask functions so that privacy is preserved without breaking business logic.

Alibaba Cloud Observability

Background

In modern e‑commerce platforms, intelligent assistants handle hundreds of requests per second, generating logs that often contain personal data such as phone numbers, order IDs, addresses, bank cards, and internal tokens. Storing or exporting these logs unmasked violates data‑minimization principles and creates privacy risks, yet logs are essential for troubleshooting, analytics, and audit.

Solution Overview

The demo uses Alibaba Cloud Log Service (SLS) together with its mask (data‑masking) functions and a lightweight log collector called LoongCollector. The collector gathers logs from the Dify orchestration platform, backend services, and system stdout, then forwards them to an SLS LogStore where a processing pipeline masks sensitive fields before they are persisted.

Data Flow Architecture

All logs flow through the following pipeline:

LoongCollector captures host text logs, Kubernetes container logs, and HTTP data.

Collected logs are sent to an SLS LogStore.

A write‑processor in SLS applies an SPL mask function to the specified fields.

The resulting LogStore contains only masked data, which can be safely used by operations, product, and security teams.

Mask Function Details

SLS provides two matching modes:

Built‑in matching (buildin): out‑of‑the‑box detection for six common data types (mobile number, ID card, email, IP address, landline, bank card).

Keyword matching (keyword): automatically masks any value that appears in a typical key‑value pair ("key":"value", "key"='value', key=value).

Both modes allow custom suffix/prefix preservation, e.g., keeping the first three and last four digits of a phone number.
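
The two matching modes and the prefix/suffix preservation described above, modeled locally in Python as an added example (this is not SLS's mask function and not code from the article). The phone pattern, the field policy in RULES and the sample log lines are constructed assumptions; residual_phones is the kind of check to run on masked output before relying on it.

```python
import re

# Assumed phone shape (11-digit mobile number); SLS's own built-in rule is not shown on the page.
PHONE_RE = re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)")

def keep_ends(value, prefix=0, suffix=0, char="*"):
    """Mask the middle of value, keeping `prefix` leading and `suffix` trailing characters."""
    if len(value) <= prefix + suffix:
        return char * len(value)  # too short: preserving both ends would leak the whole value
    return value[:prefix] + char * (len(value) - prefix - suffix) + value[len(value) - suffix:]

def mask_builtin_phone(line, prefix=3, suffix=4):  # pattern-based mode, field-agnostic
    return PHONE_RE.sub(lambda m: keep_ends(m.group(), prefix, suffix), line)

def keyword_re(key):
    """Match the three key-value shapes the article lists for keyword mode."""
    k = re.escape(key)
    return re.compile(rf'''
        ("{k}"\s*:\s*")([^"]*)(")      # "key":"value"
      | ("{k}"\s*=\s*')([^']*)(')      # "key"='value'
      | (\b{k}=)([^\s,;&"']+)()        # key=value
    ''', re.VERBOSE)

def mask_keyword(line, rules):
    """Keyword mode: rules maps key -> (prefix, suffix) characters to preserve."""
    for key, (prefix, suffix) in rules.items():
        def repl(m):
            opener, value, closer = [g for g in m.groups() if g is not None]
            return opener + keep_ends(value, prefix, suffix) + closer
        line = keyword_re(key).sub(repl, line)
    return line

RULES = {"token": (0, 0), "bank_card": (0, 4)}  # hypothetical field policy
def mask_line(line):
    return mask_builtin_phone(mask_keyword(line, RULES))

def residual_phones(line):  # post-mask check: should return [] for every stored line
    return PHONE_RE.findall(line)

# Constructed sample log lines, not taken from a real system.
SAMPLE = [
    '{"trace_id":"t-001","phone":"13812341234","msg":"refund request"}',
    'trace_id=t-002 token=abcd1234efgh note="call me at 13912345678"',
    "\"trace_id\":\"t-003\" \"bank_card\"='6222020000001234567'",
]

if __name__ == "__main__":
    for masked in map(mask_line, SAMPLE):
        print(masked, "| residual:", residual_phones(masked))
```

The second sample line shows why both modes are needed: the token is caught by its key, while the phone number inside free text is caught only by the pattern.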

Configuration Steps

Install LoongCollector on the service host and configure the log file path (e.g., /var/log/copilot/*.log).

Create a data‑processing processor in the SLS project, adding an SPL mask rule that targets fields such as phone, id_number, bank_card, email, ip, etc.

Apply the processor to the target LogStore via the "Write Processor" tab.

Resulting Log Comparison

Before masking, logs contain full personal identifiers. After applying the processor, the same logs show masked values (e.g., 138****1234), while still retaining enough information for debugging and correlation (trace_id, request IDs).

Benefits for Different Teams

Operations

Engineers can trace the full request chain (intent → order service → refund service → payment gateway) using trace_id, without exposing raw personal data. Masked fields still allow identity verification when needed.

Product / Analytics

Aggregated reports (UV, PV, consultation categories, repeat rates) are generated from masked logs, ensuring user privacy while delivering actionable insights.

Security & Compliance

Because masking occurs at write time, the fields covered by the mask rule are never persisted in plaintext, so no residual plaintext of those fields remains in storage or exports. SLS also supports custom log retention periods (>180 days) and role‑based access controls, fulfilling audit requirements.

Conclusion

By closing the loop between LoongCollector and SLS masking, enterprises achieve a unified pipeline where logs are simultaneously secure, observable, and analyzable. This approach enables reliable operations, data‑driven product decisions, and compliant security auditing without sacrificing performance.
