The current behavior when hashing IP addresses on Event Logging is to generate a 'salt' (really a key) at runtime and to
use it continuously for the lifetime of the program. The lifespan of the key
and the cheapness of the hash function make it easier to attack.
Per security's team request we should be making EventLogging scramble IPs by generating an HMAC SHA1 with the IP address
as the message and a random byte string as the key. The key rotates every 90
days.
Version: unspecified
Severity: normal