Log level configurable?

[mig5]

Hi,

I find the logging to /var/log/ykval.log (for the Validation server) and /var/log/auth.log (KSM, per the current out-of-the-box config) extremely verbose, and this might expose more info than desired in logs, even in relatively secured servers.

E.G the KSM appears to log 'plaintext' values post-decryption, not sure how sensitive but it raises alarm bells

Is there any way to configure the verbosity level in the config.php files in /etc/yubico/(val or ksm)/* ? I can't seem to find any sample configuration or documentation that states it's possible (without modifying the PHP directly)

Thanks

[klali]

Typically loglevel would be configured in syslog, using:

local0.info -/var/log/ykval.log

or similar

[keachi]

I would appreciate a configuration option in config.php.
Decrease logging into syslog is easy, but modern systems have journald and the service should normally not log that much into journald.