OverOps encrypts all your data before it leaves your servers, but some types of data that you may not want OverOps to capture at all. Personally Identifiable Information (PII) often requires special attention and careful handling. With Data Redaction, sensitive information is sure never to leave the server.
Note: Data Reduction is available with Admin or Owner privileges only, members have viewer permissions.
There are four methods for filtering Data Redaction within OverOps:
- Code Identifiers
For each category, you can add, modify or remove filters.
To view or set Data Reduction filters:
- From the OverOps Dashboard, click Settings and select Data Reduction.
The Data Redaction dialog box opens.
- To add or modify filters, proceed to the instructions in the sections according to the chosen filtering method.
Filtering is turned on by default. To disable filtering in general:
- From the Data Redaction dialog box, turn off Filtering on.
All filtering is disabled.
Data Redaction Dialog box
When the Agent on one of the JVMs recognizes a pattern that matches a filter from the configured list, that information is not collected. The pattern is matched to the value, not name of the variable. Default patterns include credit cards, IP addresses, phone numbers, physical addresses and ID numbers. To filter data according to a pattern, select a pattern type and from the slider turn on the specific pattern to filter out.
Patterns are written as Regular Expressions.
To add new patterns:
- Enter the Regular Expression for the pattern and click Add.
The Add Pattern dialog box opens.
- Name the pattern and click Save.
Any expression matching this pattern will not be collected by OverOps.
When an Agent on your server recognizes a variable name that matches a filter from the configured list, that information is not collected. The code identifiers are matched to the names, not the value of the variable. OverOps provides a large variety of default identifiers.
To add a new code identifier to the filter list:
- Type the code identifier in the box at the bottom of the dialog box and click Add. Enter multiple variable names by separating them with commas.
To remove a variable from filtering, hover over it and click X.
Code Identifiers Filter List
Under the Classes tab, you can add, modify, or delete entire classes to redact. When the JVM Agent recognizes a listed classes, it does not send data from that class off the server.
To add a new class to the filter list:
- Type it into the box at the bottom of the dialog box and click Add. Enter multiple classes by separating them with commas.
Classes Filtering Tab
Under the Packages tab, you can add, modify, or delete entire packages of classes to redact. When the JVM Agent recognizes a listed packages, it does not send data from that class off the server.
To add a new package to the filter list:
- Type it into the box at the bottom of the dialog box and click Add. Enter multiple packages, by separating them with commas.
Packages Filtering Tab
Changes you make in the security settings are implemented automatically. Changes are applied to all errors and exceptions that OverOps captures from that point on. Changes to settings are not applied retroactively. To restore the default settings, click Reset at the bottom left corner of the Data Redaction window.
When the JVM Agent recognizes information included in the Data Redaction settings, it does not record that data from the server. Events and exceptions that contain filtered PII, the sensitive data is presented in the Dashboard with an asterisks.
The examples below demonstrate how filtered data is displayed in each view:
- Code View: Patterns, code identifiers, and classes are applied
An error in OverOps with a PII-filtered variable in Code View
- Log View: Only patterns are applied
An error in OverOps with a PII-filtered log line in Log View
- JVM View: Only code identifiers are applied
An error in OverOps with a PII-filtered JVM argument in JVM View