logback / LOGBACK-378

DBAppender logs sensitive properties to the database when using property substitution in the configuration file

Details

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major
    • None
    • 0.9.20
    • logback-classic
    • None

    Description

      Logback's DBAppender logs all properties in its context and MDC to the database. I would like to control which properties are logged, specifically filtering out certain values, but I can't find any options to do so. The documentation is terse:

      The logging_event_property is used to store the keys and values contained in the MDC or the Context

      It should be possible to exclude certain properties, especially sensitive properties such as database connection parameters.

      Here is an example:

      Logback is configured with a DBAppender that loads its properties from vct.properties:

      <configuration>
        <property resource="vct.properties" />

        <appender name="DB" class="ch.qos.logback.classic.db.DBAppender">
          <connectionSource class="ch.qos.logback.core.db.DataSourceConnectionSource">
            <dataSource class="com.mchange.v2.c3p0.ComboPooledDataSource">
              <driverClass>com.mysql.jdbc.Driver</driverClass>
              <jdbcUrl>jdbc:mysql://${log.db.host}:${log.db.port}/${log.db.schema}</jdbcUrl>
              <user>${log.db.username}</user>
              <password>${log.db.password}</password>
            </dataSource>
          </connectionSource>
        </appender>

        <root level="DEBUG">
          <appender-ref ref="DB" />
        </root>
      </configuration>

      vct.properties has the connection settings:

      log.db.host=localhost
      log.db.port=3306
      log.db.schema=logs_development
      log.db.username=loguser
      log.db.password=logpass

      When an event is logged, all of the connection settings are logged:

      mysql> select * from logging_event_property where event_id=1;
      ----------------------------------------------------
      event_id   mapped_key        mapped_value
      ----------------------------------------------------
      1          log.db.host       localhost
      1          log.db.password   logpass
      1          log.db.port       3306
      1          log.db.schema     logs_development
      1          log.db.username   loguser
      ----------------------------------------------------

      Note that this is also documented on Stack Overflow, and logged as a bug per Ceki's request: http://stackoverflow.com/questions/2648267/can-i-prevent-logbacks-dbappender-from-logging-specific-properties/
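
An added example, not part of the original report and not logback code: a check that compares the keys of the properties file against `logging_event_property` to find configuration values that leaked into the log database, then redacts the sensitive ones. The SQLite stand-in for the MySQL table, the `requestId` MDC row, the second event and the sensitive-key pattern are assumptions made for illustration.

```python
import re
import sqlite3

# Constructed sample: the vct.properties content shown in the report.
VCT_PROPERTIES = """log.db.host=localhost
log.db.port=3306
log.db.schema=logs_development
log.db.username=loguser
log.db.password=logpass
"""
# Assumption: key names that mark a value as a secret; adapt to your own naming.
SENSITIVE_KEY = re.compile(r"password|passwd|secret|token|username", re.I)

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and #/! comments."""
    pairs = (l.split("=", 1) for l in map(str.strip, text.splitlines())
             if l and l[0] not in "#!" and "=" in l)
    return {k.strip(): v.strip() for k, v in pairs}

def find_leaks(conn, props):
    """Return (key, row_count, is_sensitive) for each config property stored in the table."""
    leaks = []
    for key in sorted(props):
        (count,) = conn.execute(
            "SELECT COUNT(*) FROM logging_event_property WHERE mapped_key = ?", (key,)
        ).fetchone()
        if count:
            leaks.append((key, count, bool(SENSITIVE_KEY.search(key))))
    return leaks

def redact(conn, leaks, marker="[REDACTED]"):
    """Overwrite stored values of sensitive leaked keys; return the number of rows changed."""
    changed = 0
    for key, _count, sensitive in leaks:
        if sensitive:
            changed += conn.execute(
                "UPDATE logging_event_property SET mapped_value = ? WHERE mapped_key = ?",
                (marker, key)).rowcount
    conn.commit()
    return changed

def demo_db():
    """In-memory SQLite stand-in for the MySQL table; rows are constructed from the report."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE logging_event_property "
                 "(event_id INTEGER, mapped_key TEXT, mapped_value TEXT)")
    rows = [(e, k, v) for e in (1, 2) for k, v in parse_properties(VCT_PROPERTIES).items()]
    rows.append((2, "requestId", "abc123"))  # constructed MDC entry, should stay untouched
    conn.executemany("INSERT INTO logging_event_property VALUES (?, ?, ?)", rows)
    return conn
```

Values that already reached the log database should be treated as exposed, so redaction goes together with rotating the credential.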

          People

            logback-dev Logback dev list
            colbeerhey Chris Pruett