Skip to content

Custom Create

This article describes how to create custom sensitive data scanning rules to meet specific enterprise data protection requirements.

Configuration

Step 1: Set Scan Scope

  1. Data Type: Select the data types to be scanned (e.g., LOG, Metrics, APM, RUM, etc.).
  2. Data Filtering: Limit the data scope for scanning through filter conditions to avoid performance impact from full scans.

Step 2: Define Matching Rules

  1. Rule Name: Custom rule name for identification and management.
  2. Regular Expression: Regular expression used to match sensitive data, e.g., \d{18} matches 18-digit ID numbers.
  3. Data Test: Enter a string of data and click Test to verify if it matches the regular expression (❗️Test data will not be saved).
Regular Expression Examples
  • ID Number: \d{17}[\dXx] or \d{18}
  • Phone Number: 1[3-9]\d{9}
  • Bank Card Number: \d{16,19}
  • Email: \w+@\w+\.\w+

Step 3: Configure Sensitive Data Handling

Desensitization Field Scope

  • All Fields: Desensitize all fields containing matched sensitive data.
  • Specified Fields: Desensitize only the specified fields (selected by default).
  • Excluded Fields: Desensitize all fields except the specified ones.

Desensitization Methods

  • General Encryption: Replace all matched sensitive data with *.
  • Partial Encryption: Replace part of the sensitive data string with , allowing retention of some sensitive information, e.g., phone number ****1005.
  • Replacement Encryption: Replace all matched sensitive data with a specified string; the replacement is irreversible.
  • MD5 Encryption: Encrypt any data into a fixed-length string; the replacement is irreversible.
Characteristics of MD5 Encryption
  1. Fixed Length: Regardless of the original string length, the encrypted result has the same length, i.e., 32 characters.
  2. High Dispersion: Any change to the original data, even a minor one, results in a vastly different output.
  3. Irreversible Operation: Given the encrypted result, it is impossible to obtain the original string through reverse computation, but filtering and locating are still possible.

Add Tags

Add custom tags to the desensitized data for subsequent identification and management. Separate multiple tags with English commas ,.

Further Reading

You might also be interested in:

Feedback

Is this page helpful? ×