diff --git a/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb b/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb
index c30045ee4..538cfc7bb 100644
--- a/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb
+++ b/plugins/discourse-nginx-performance-report/script/nginx_analyze.rb
@@ -33,6 +33,8 @@ class LogAnalyzer
         result.route += " (PUT)"
       end
 
+      result.url = self.sanitize_url(result.url)
+
       result
     end
 
@@ -43,6 +45,12 @@ class LogAnalyzer
     def parsed_timge
       DateTime.strptime(time, TIME_FORMAT) if time
     end
+
+    private
+
+    def self.sanitize_url(url)
+      url.gsub(/(api_key|api_user)=(\w+)/, '\1=[FILTERED]')
+    end
   end
 
   attr_reader :total_requests, :message_bus_requests, :filenames,