From 30e7faae9334344b5427920e611e11cd55833037 Mon Sep 17 00:00:00 2001
From: Florence Morris <florence@cockroachlabs.com>
Date: Wed, 13 Dec 2023 16:42:33 -0500
Subject: [PATCH] (1) Updated Configure Logs page, Redact Logs section with
 recommendation to use external log collector to redact logs. (#18104)

---
 src/current/v23.1/configure-logs.md | 4 +++-
 src/current/v23.2/configure-logs.md | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/current/v23.1/configure-logs.md b/src/current/v23.1/configure-logs.md
index 9c2406909af..95ae82777a1 100644
--- a/src/current/v23.1/configure-logs.md
+++ b/src/current/v23.1/configure-logs.md
@@ -509,13 +509,15 @@ http-defaults:
 In addition, the `DEV` channel should be output to a separate logging directory, since it is likely to contain sensitive data. See [`DEV` channel](#dev-channel).
 {{site.data.alerts.end}}
 
-External log collectors can misinterpret the `cockroach debug` redaction markers, since they are specific to CockroachDB. To prevent this issue when using network sinks, disable `redactable`:
+External log collectors can misinterpret the `cockroach debug` redaction markers (`< >`), since they are specific to CockroachDB. To prevent this issue when using network sinks, disable `redactable`:
 
 ~~~ yaml
 fluent-defaults:
   redactable: false
 ~~~
 
+If the default redaction behavior and policies do not meet redaction requirements, we recommend using the external log collectors with the redaction markers (`< >`) to redact. In this case, enable `redactable`.
+
 ### DEV channel
 
 The `DEV` channel is used for debug and uncategorized messages. It can therefore be noisy and contain sensitive (PII) information.
diff --git a/src/current/v23.2/configure-logs.md b/src/current/v23.2/configure-logs.md
index adc478758b3..15a21c3f4e7 100644
--- a/src/current/v23.2/configure-logs.md
+++ b/src/current/v23.2/configure-logs.md
@@ -576,13 +576,15 @@ http-defaults:
 In addition, the `DEV` channel should be output to a separate logging directory, since it is likely to contain sensitive data. See [`DEV` channel](#dev-channel).
 {{site.data.alerts.end}}
 
-External log collectors can misinterpret the `cockroach debug` redaction markers, since they are specific to CockroachDB. To prevent this issue when using network sinks, disable `redactable`:
+External log collectors can misinterpret the `cockroach debug` redaction markers (`< >`), since they are specific to CockroachDB. To prevent this issue when using network sinks, disable `redactable`:
 
 ~~~ yaml
 fluent-defaults:
   redactable: false
 ~~~
 
+If the default redaction behavior and policies do not meet redaction requirements, we recommend using the external log collectors with the redaction markers (`< >`) to redact. In this case, enable `redactable`.
+
 ### DEV channel
 
 The `DEV` channel is used for debug and uncategorized messages. It can therefore be noisy and contain sensitive (PII) information.