Sensitive Data Masking¶
After data is collected and reported to the Guance workspace, sensitive information fields contained within, such as IP addresses and user information, can be masked by setting up sensitive fields.
Note
-
Different data types (including: LOGs, basic objects, resource catalogs, events, application performance, user analysis, security checks, NETWORKs, Profile) can have their own sensitive fields configured (field names are case-sensitive);
-
After field masking configuration,
stringtype field data will return as***; -
Only after adding a masking rule will selected members with appropriate roles be able to view the original data; other members will not be able to see unmasked information in Explorers or charts.
Adding Rules¶
- Navigate to Manage > Sensitive Data Masking > Add Masking Rule;
- Define the name of the masking rule;
- Select the data type;
- Input the fields that need masking (you may select one or multiple);
- Write a regular expression to configure masking for field values using regex syntax; currently supports directly selecting from the template library or custom input;
- Click preview, enter the original text, click mask to view the masking effect.
- Select the roles that need data masked;
- Confirm, and you can then view already configured sensitive fields.
Note
If you need to mask multiple fields, use a comma , to separate them; all fields are indicated by *.
As shown in the figure, the system will mask matching results based on the left-hand regular expression with ***.
Managing Rules¶
- In the search bar on the right side of the page, input the rule name to quickly locate it;
- Edit and modify the current rule;
- Delete a specific rule;
- Batch-select rules and enable, disable, or delete them.