diff --git a/router/middleware/logger.go b/router/middleware/logger.go
index 2d49023c6..3cde2a61d 100644
--- a/router/middleware/logger.go
+++ b/router/middleware/logger.go
@@ -16,6 +16,7 @@ import (
 "github.com/go-vela/server/router/middleware/user"
 "github.com/go-vela/server/router/middleware/worker"
 "github.com/go-vela/server/util"
+ "github.com/go-vela/types/constants"
 "github.com/sirupsen/logrus"
 )
@@ -56,6 +57,7 @@ func Logger(logger *logrus.Logger, timeFormat string, utc bool) gin.HandlerFunc
 body := c.Value("payload")
 if body != nil {
+ body = sanitize(body)
 fields["body"] = body
 }
@@ -105,3 +107,14 @@ func Logger(logger *logrus.Logger, timeFormat string, utc bool) gin.HandlerFunc
 }
 }
 }
+
+func sanitize(body interface{}) interface{} {
+ if m, ok := body.(map[string]interface{}); ok {
+ if _, ok = m["email"]; ok {
+ m["email"] = constants.SecretMask
+ body = m
+ }
+ }
+
+ return body
+}
diff --git a/router/middleware/logger_test.go b/router/middleware/logger_test.go
index c4ef3a1e3..87f4e267b 100644
--- a/router/middleware/logger_test.go
+++ b/router/middleware/logger_test.go
@@ -11,6 +11,7 @@ import (
 "net/http"
 "net/http/httptest"
 "reflect"
+ "strings"
 "testing"
 "time"
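Review bot: `sanitize` in router/middleware/logger.go masks only a top-level `email` key, and only when the payload is exactly a `map[string]interface{}`; an `email` inside a nested object or an array element, or a payload stored under any other type, still reaches the log in clear. It also writes the mask into the map it was handed, which is the same map the context returns from `c.Value("payload")` at the call site in the `-56,6 +57,7` hunk, so any later reader of the payload would presumably see `constants.SecretMask` instead of the real value; `body = m` is redundant for the same reason. Building a masked copy and recursing into nested maps and slices, as below, keeps the redaction confined to the log entry. If request bodies can carry other sensitive fields, the key comparison is the place to extend.

```go
func sanitize(body interface{}) interface{} {
	switch v := body.(type) {
	case map[string]interface{}:
		// copy so the payload held on the request context is left untouched
		out := make(map[string]interface{}, len(v))
		for k, val := range v {
			if k == "email" {
				out[k] = constants.SecretMask
				continue
			}
			out[k] = sanitize(val)
		}
		return out
	case []interface{}:
		out := make([]interface{}, len(v))
		for i, val := range v {
			out[i] = sanitize(val)
		}
		return out
	default:
		return body
	}
}
```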
@@ -151,3 +152,68 @@ func TestMiddleware_Logger_Error(t *testing.T) {
 t.Errorf("Logger Message is %v, want %v", gotMessage, wantMessage)
 }
 }
+
+func TestMiddleware_Logger_Sanitize(t *testing.T) {
+ var logBody, logWant map[string]interface{}
+
+ r := new(library.Repo)
+ r.SetID(1)
+ r.SetUserID(1)
+ r.SetOrg("foo")
+ r.SetName("bar")
+ r.SetFullName("foo/bar")
+ logRepo, _ := json.Marshal(r)
+
+ b := new(library.Build)
+ b.SetID(1)
+ b.SetRepoID(1)
+ b.SetNumber(1)
+ b.SetEmail("octocat@github.com")
+ logBuild, _ := json.Marshal(b)
+
+ sanitizeBuild := *b
+ sanitizeBuild.SetEmail("[secure]")
+ logSBuild, _ := json.Marshal(&sanitizeBuild)
+
+ tests := []struct {
+ dataType string
+ body []byte
+ want []byte
+ }{
+ {
+ dataType: "stringMap",
+ body: logRepo,
+ want: logRepo,
+ },
+ {
+ dataType: "stringMap",
+ body: logBuild,
+ want: logSBuild,
+ },
+ {
+ dataType: "string",
+ body: []byte("successfully updated step"),
+ want: []byte("successfully updated step"),
+ },
+ }
+
+ for _, test := range tests {
+ if strings.EqualFold(test.dataType, "stringMap") {
+ err := json.Unmarshal(test.body, &logBody)
+ if err != nil {
+ t.Errorf("unable to unmarshal log body data")
+ }
+
+ err = json.Unmarshal(test.want, &logWant)
+ if err != nil {
+ t.Errorf("unable to unmarshal log want data")
+ }
+ }
+
+ got := sanitize(logBody)
+
+ if !reflect.DeepEqual(got, logWant) {
+ t.Errorf("Logger returned %v, want %v", got, logWant)
+ }
+ }
+}
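Review bot: The `string` case in `TestMiddleware_Logger_Sanitize` never reaches `sanitize`, because `logBody` and `logWant` are declared once outside the loop and reassigned only for `stringMap` cases, so the third iteration re-checks the maps left over from the build case. Since `json.Unmarshal` into a non-nil map keeps existing entries, the build case also runs on a merge of the repo and build keys rather than on the build alone. Declaring the values per iteration and passing the raw string for non-map cases, as below, makes each case independent and exercises the pass-through path; the function-level `var logBody, logWant` declaration would then be dropped. The unmarshal failures are switched to `t.Fatalf` so a broken fixture cannot fall through to a comparison of empty values.

```go
	// … unchanged: fixture setup and test table …

	for _, test := range tests {
		// fresh values per case so nothing carries over from the previous iteration
		var body, want interface{} = string(test.body), string(test.want)

		if strings.EqualFold(test.dataType, "stringMap") {
			var bodyMap, wantMap map[string]interface{}

			if err := json.Unmarshal(test.body, &bodyMap); err != nil {
				t.Fatalf("unable to unmarshal log body data: %v", err)
			}

			if err := json.Unmarshal(test.want, &wantMap); err != nil {
				t.Fatalf("unable to unmarshal log want data: %v", err)
			}

			body, want = bodyMap, wantMap
		}

		got := sanitize(body)

		if !reflect.DeepEqual(got, want) {
			t.Errorf("Logger returned %v, want %v", got, want)
		}
	}
```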