Managing Data Redaction

Follow

 

Contents

Introduction

Ways to Identify Data Redaction
– Patterns
– Code Identifiers
– Classes
Packages

Resetting Errors

How Data Redaction Filtering Affects Errors in OverOps

Related Articles

 

Introduction

OverOps encrypts all your data before it leaves your servers, but some types of data that you may not want OverOps to capture at all. Personally Identifiable Information (PII) often requires special attention and careful handling. With Data Redaction, sensitive information is sure never to leave the server.

Note: Data Reduction is available with Admin or Owner privileges only, members have viewer permissions.

Identifying Data Redaction

There are four methods for filtering Data Redaction within OverOps:

  1. Patterns
  2. Code Identifiers
  3. Classes
  4. Packages.

For each category, you can add, modify or remove filters.

To view or set Data Reduction filters:

  1. From the OverOps Dashboard, click Settings and select Data Reduction.
    The Data Redaction dialog box opens.
  2. To add or modify filters, proceed to the instructions in the sections according to the chosen filtering method.

Filtering is turned on by default. To disable filtering in general:

  • From the Data Redaction dialog box, turn off Filtering on
    All filtering is disabled.

Data Redaction Dialog box

Patterns

When the Agent on one of the JVMs recognizes a pattern that matches a filter from the configured list, that information is not collected. The pattern is matched to the value, not name of the variable. Default patterns include credit cards, IP addresses, phone numbers, physical addresses and ID numbers. To filter data according to a pattern, select a pattern type and from the slider turn on the specific pattern to filter out.

Patterns are written as Regular Expressions.

Pattern Filters 

To add new patterns:

  1. Enter the Regular Expression for the pattern and click Add.
    The Add Pattern dialog box opens.
  2. Name the pattern and click Save.

 Any expression matching this pattern will not be collected by OverOps.

To remove a pattern from filtering:

  • Hover over the pattern and click Delete.
    You are prompted to confirm.

Code Identifiers

When an Agent on your server recognizes a variable name that matches a filter from the configured list, that information is not collected. The code identifiers are matched to the names, not the value of the variable. OverOps provides a large variety of default identifiers.

To add a new code identifier to the filter list:

  • At the bottom of the dialog box, enter the code identifier and click Add. Separate multiple identifiers by with commas.

To remove a variable from filtering:

  • Hover over the variable and click X.
    You are prompted to confirm.

Code Identifiers Filter List

Classes

From the Classes tab, you can add, modify, or remove entire classes from redaction. When the JVM Agent recognizes a listed class, it does not send data from that class off the server.

To add a class to the filter list:

  • At the bottom of the dialog box, enter the class and click Add. Separate multiple classes by  with commas.


Classes Filtering Tab

To remove a class from filtering:

  • Hover over the class and click X.
    You are prompted to confirm.

Packages

From the Packages tab, you can add, modify, or delete entire packages of classes to redact. When the JVM Agent recognizes a listed packages, it does not send data from that class off the server. 

To add a package to the filter list:

  • At the bottom of the dialog box, enter the package and click Add. Separate multiple packages by with commas.


Packages Filtering Tab

To remove a package from filtering:

  • Hover over the package and click X.
    You are prompted to confirm.

Resetting Changes

Changes you make in the security settings are implemented automatically. Changes are applied to all errors and exceptions that OverOps captures from that point on. Changes to settings are not applied retroactively. To restore the default settings, click Reset at the bottom left corner of the Data Redaction window.

 Events with Data Redaction Displayed in OverOps

When the JVM Agent recognizes information included in the Data Redaction settings, it does not record that data from the server. Events and exceptions that contain filtered PII, the sensitive data is presented in the Dashboard with an asterisk.

The examples below demonstrate how filtered data is displayed in each View:

  • Code View: Patterns, code identifiers, and classes are applied

Screen-Shot-2015-01-13-at-3.17.30-PM1.jpg

Error with a PII-filtered variable in Code View

  • Log View: Only patterns are applied

Screenshot_from_2017-03-23_17-15-30.png

Error with a PII-filtered log line in Log View

  • JVM View: Only code identifiers are applied

Screenshot_from_2017-03-23_17-13-03.png

Error with a PII-filtered JVM argument in JVM View

Related Articles

Security Page

Troubleshooting page

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.