Secure E‑commerce Copilot Logs with Alibaba Cloud SLS Masking and LoongCollector

This article explains how to protect sensitive e‑commerce chatbot logs by using Alibaba Cloud Log Service (SLS) masking functions together with LoongCollector to collect, mask, and store logs securely, enabling operations, product, and security teams to analyze data without exposing personal information.

Alibaba Cloud Native

Background and Problem

In the past two years, e‑commerce customer service, ticketing, and logistics have become highly automated, generating massive amounts of logs that often contain sensitive data such as phone numbers, order IDs, addresses, bank cards, IPs, and internal tokens. Storing or exporting these logs without protection violates data‑minimization principles and risks accidental leakage, yet logs are essential for troubleshooting, analytics, and audit.

Solution Overview

The article demonstrates a practical solution using an e‑commerce Copilot demo, Alibaba Cloud Log Service (SLS) masking functions, and LoongCollector for log collection. The approach masks sensitive fields before they are written to the LogStore, preserving business logic while ensuring privacy.

Architecture and Data Flow

The Copilot system is orchestrated by the Dify platform, which coordinates user input, intent recognition, backend calls, and response generation. Because Dify only provides node‑level execution logs and lacks fine‑grained visibility of downstream API calls, errors, and latency, LoongCollector is deployed alongside Dify services to capture all logs (Dify orchestration logs, backend service logs, and standard output) and forward them to an SLS LogStore in a unified format.

Log Collection with LoongCollector

LoongCollector is a lightweight log collector that supports host text logs, Kubernetes container logs, and HTTP data. For the Copilot demo, logs are printed as JSON files on the host. Configuration steps include:

Specify the log file path in the collector configuration.

Masking Sensitive Data in SLS

SLS provides a mask function with two matching modes:

Built‑in matching: Recognizes six common types of sensitive information (phone number, ID card, email, IP address, landline, bank card) out of the box.

Keyword matching: Detects any key‑value pair in JSON or plain text (e.g., "key":"value") and masks the value.

By creating a data processor with the appropriate SPL mask configuration, fields such as IP, email, phone number, ID, credit‑card number, name, and address can be masked, optionally preserving prefixes and suffixes (e.g., keep first three and last four digits of a phone number).
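The two matching modes and the keep-prefix/keep-suffix behaviour described above can be emulated locally to check which fields of a log line survive masking. This is an added Python example, not the article's SPL configuration or SLS's own implementation; the regexes, the keyword list, and the sample log line are assumptions constructed for illustration.

```python
import re

# Simplified stand-ins for three of the six built-in types (assumed patterns,
# not SLS's own rules): (regex, chars kept at start, chars kept at end).
BUILTIN = {
    "phone": (re.compile(r"(?<!\d)1[3-9]\d{9}(?!\d)"), 3, 4),  # mainland mobile
    "email": (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), 1, 0),
    "ip": (re.compile(r"(?<!\d)(?:\d{1,3}\.){3}\d{1,3}(?!\d)"), 0, 0),
}

def keep_ends(value, prefix, suffix, char="*"):
    """Mask the middle of value, keeping prefix/suffix characters in clear."""
    if len(value) <= prefix + suffix:
        return char * len(value)  # too short: keeping the ends would reveal it all
    tail = value[-suffix:] if suffix else ""
    return value[:prefix] + char * (len(value) - prefix - suffix) + tail

def mask_builtin(text):
    """Built-in mode: mask every match of a known sensitive-data pattern."""
    for pattern, pre, suf in BUILTIN.values():
        text = pattern.sub(lambda m, p=pre, s=suf: keep_ends(m.group(), p, s), text)
    return text

def mask_keywords(text, keys, prefix=0, suffix=0):
    """Keyword mode: mask the value in each "key":"value" pair found in text."""
    for key in keys:
        pair = re.compile(r'("%s"\s*:\s*")((?:[^"\\]|\\.)*)(")' % re.escape(key))
        text = pair.sub(
            lambda m: m.group(1) + keep_ends(m.group(2), prefix, suffix) + m.group(3),
            text)
    return text

def mask_line(line, keys=("name", "address", "token")):
    """Apply keyword masking first, then built-in pattern masking."""
    return mask_builtin(mask_keywords(line, keys))

# Constructed sample log line; every value is fictitious.
SAMPLE = ('{"trace_id":"a1b2c3","intent":"refund","name":"Li Lei",'
          '"msg":"call 13812345678 or li@example.com",'
          '"client_ip":"203.0.113.7","token":"sk-test-0000"}')

if __name__ == "__main__":
    print(mask_line(SAMPLE))
```

The masked line is still valid JSON and keeps `trace_id` and `intent` in clear, while the phone number embedded in free text is reduced to its first three and last four digits.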

Applying the Mask Processor

After creating the processor, select the target LogStore and enable the processor in the "Write Processor" tab. The masked logs are then stored securely.

Benefits for Different Teams

Operations Engineers – Troubleshooting

Masked logs still contain trace IDs, allowing engineers to follow the full call chain (intent recognition → order service → refund service → payment gateway) and locate issues without exposing raw personal data.

Product/Operations Teams – Analytics

Aggregated reports show UV, PV, interaction counts, query categories, repeat rates, conversion funnels, and top‑10 users, all with anonymized identifiers, enabling data‑driven decisions while preserving privacy.

Security and Compliance Teams – Auditing

Pre‑write masking eliminates plaintext data at the source, reducing the risk of residual sensitive information. SLS also supports custom log retention periods (>180 days for audit logs) and role‑based access controls. CloudLens for SLS provides asset usage monitoring and audit trails.

Conclusion

Integrating LoongCollector with SLS masking creates a closed‑loop pipeline where logs are collected, masked, and stored securely. Operations can troubleshoot, product teams can analyze, and security can audit without exposing raw personal data. This reusable pattern—write‑side masking, default masked storage, and role‑based access—enables enterprises to scale Copilot services while balancing efficiency and compliance.
