Why this matters
Centralized redaction prevents accidental leakage across codepaths.
Register a Monolog processor to mask emails/phones and attach pii_redacted:true; forbid direct logging of raw identifiers.
Centralized redaction prevents accidental leakage across codepaths.
Side-by-side examples engineers can pattern-match during review.
$logger->info('signup', ['email' => $email]);$logger->pushProcessor(function(array $record){
$msg = json_encode($record['context']);
$msg = preg_replace('/[\w.+-]+@\w+\.[\w.-]+/','[redacted-email]',$msg);
$record['extra']['pii_redacted'] = true;
$record['context'] = json_decode($msg, true);
return $record;
});$logger->info('login', ['email_hash' => $hash]);$logger->info('login', ['email' => $email]);From the same buckets as this rule.