(Optional) Filter Sensitive Data Using the Collector
While sensitive data can be helpful for diagnosis and troubleshooting, security considerations may require filtering certain information. Data filtering can be done at the agent level or the Collector level. This page includes the recommended configurations to filter the sensitive data at the Collector level. Sensitive data such as identity, credit card information, or email addresses require special data management to ensure data protection and compliance with industry standards.
Sensitive data sent to Splunk AppDynamics can be removed using the Splunk AppDynamics Distribution for OpenTelemetry Collector or the OpenTelemetry Collector. To filter the sensitive data using the Collector, perform the following steps:
- Add the required processors to the Collector's configuration file. The processors allow you to delete, redact, or hash specific attributes.
- Activate the processor functionality by modifying the appropriate
service | pipelines.
The processors available for filtering sensitive data are:
一般的なフィルタリングシナリオ
属性
属性プロセッサを使用して、クレジットカード情報、パスワード、その他の機密値などの特定のキーを削除します。属性プロセッサと一般的な ID 属性を参照してください。
credit_card_number 属性に表示される値を編集できます。
...
processors:
attributes/update:
actions:
- key: credit_card_number
value: redacted
action: update
...
service:
pipelines:
traces:
processors: [..., attributes/update, ...]
metrics:
processors: [..., attributes/update, ...]
logs:
processors: [..., attributes/update, ...]
... user.password を削除できます。...
processors:
attributes/update:
actions:
- key: user.password
action: delete
...
service:
pipelines:
traces:
processors: [..., attributes/update, ...]
metrics:
processors: [..., attributes/update, ...]
logs:
processors: [..., attributes/update, ...]
...情報の再編集
編集プロセッサを使用して、description、group、id、および name を除くすべての属性を削除します。編集プロセッサを参照してください。
...
processors:
redaction/update:
allow_all_keys: false
allowed_keys:
- description
- group
- id
- name
...
service:
pipelines:
traces:
processors: [..., redaction/update, ...]
metrics:
processors: [..., redaction/update, ...]
logs:
processors: [..., redaction/update, ...]
...redaction プロセッサを使用し、Visa および Master カード形式の正規表現フィルタを使用してカード番号をブロックします。
...
processors:
redaction/update:
allow_all_keys: true
blocked_values:
- "4[0-9]{12}(?:[0-9]{3})?" ## Visa credit card number
- "(5[1-5][0-9]{14})" ## MasterCard number
summary: debug
...
service:
pipelines:
traces:
processors: [..., redaction/update, ...]
metrics:
processors: [..., redaction/update, ...]
logs:
processors: [..., redaction/update, ...]
...変革
変換プロセッサを使用して、特定の値をマスクします。変換プロセッサを参照してください。
service.name、service.namespace、cloud.region、process.command_line を除くすべての属性を削除します。...
processors:
transform/update:
traces:
queries:
- keep_keys(resource.attributes, "service.name", "service.namespace", "cloud.region", "process.command_line")
metrics:
queries:
- keep_keys(resource.attributes, "service.name", "service.namespace", "cloud.region", "process.command_line")
logs:
queries:
- keep_keys(resource.attributes, "service.name", "service.namespace", "cloud.region", "process.command_line")
...
service:
pipelines:
traces:
processors: [..., transform/update, ...]
metrics:
processors: [..., transform/update, ...]
logs:
processors: [..., transform/update, ...]
...$env password=mysecret username=myusername python run-my-app.py のようになります。...
processors:
transform/update:
traces:
queries:
- replace_pattern(resource.attributes["process.command_line"], "password\\=[^\\s]*(\\s?)", "password=***")
metrics:
queries:
- replace_pattern(resource.attributes["process.command_line"], "password\\=[^\\s]*(\\s?)", "password=***")
logs:
queries:
- replace_pattern(resource.attributes["process.command_line"], "password\\=[^\\s]*(\\s?)", "password=***")
...
service:
pipelines:
traces:
processors: [..., transform/update, ...]
metrics:
processors: [..., transform/update, ...]
logs:
processors: [..., transform/update, ...]
...