https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78279#M2601 <P>For an external form of pre-masking for Splunk, see:</P> <P><A href="http://www.iri.com/blog/data-protection/secure-then-splunk-a-format-preserving-encryption-and-pseduonymization-example/">http://www.iri.com/blog/data-protection/secure-then-splunk-a-format-preserving-encryption-and-pseduonymization-example/</A></P> Fri, 20 Mar 2015 13:43:35 GMT MicroAlpha 2015-03-20T13:43:35Z https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78276#M2598 <P>While I'm able to mask 16 digit numbers I would like a more sophisticated approach as there are some numbers in that range that are not credit card numbers which I don't want to mask, such as error codes. Is anyone utilizing the Luhn Algorithm (http://rosettacode.org/wiki/Luhn_test_of_credit_card_numbers) or something better than my current approach?</P> Sat, 09 Apr 2011 03:16:59 GMT https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78276#M2598 cjs226 2011-04-09T03:16:59Z https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78277#M2599 <P>Splunk by itself is only going to be able to mask based on regex replacement, but that doesn't necessarily mean any 16-digit string.</P> <UL> <LI><A href="http://www.splunk.com/wiki/Community:Credit_card_masking_regex" rel="nofollow">http://www.splunk.com/wiki/Community:Credit_card_masking_regex</A></LI> <LI><A href="http://www.regular-expressions.info/creditcard.html" rel="nofollow">http://www.regular-expressions.info/creditcard.html</A></LI> </UL> <P>If you want to fully run the Luhn algorithm, you'd need to be using a scripted input to Splunk, or have some external form of pre-processing.</P> Sat, 09 Apr 2011 03:39:51 GMT https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78277#M2599 southeringtonp 2011-04-09T03:39:51Z https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78278#M2600 <P>Thanks, I'm using the info from the first link you mention but the 2nd won't work (completely) for me as I have to account for different and yet to be determined credit card companies. This is why I'm hoping for a solution that incorporates the Lunh Algorithm or a better approach.</P> Sun, 10 Apr 2011 22:40:42 GMT https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78278#M2600 cjs226 2011-04-10T22:40:42Z https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78279#M2601 <P>For an external form of pre-masking for Splunk, see:</P> <P><A href="http://www.iri.com/blog/data-protection/secure-then-splunk-a-format-preserving-encryption-and-pseduonymization-example/">http://www.iri.com/blog/data-protection/secure-then-splunk-a-format-preserving-encryption-and-pseduonymization-example/</A></P> Fri, 20 Mar 2015 13:43:35 GMT https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78279#M2601 MicroAlpha 2015-03-20T13:43:35Z https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78280#M2602 <P>from that site, they can either use a masking tool with a canned CCN mask:</P> <UL> <LI><A href="http://www.iri.com/solutions/data-masking/masking/mask-credit-card-number">www.iri.com/solutions/data-masking/masking/mask-credit-card-number</A></LI> </UL> <P>or generate CCNs with a test data generator (using Luhn), but again, external to Splunk:</P> <UL> <LI><A href="http://www.iri.com/blog/test-data/generating-test-credit-card-numbers/">www.iri.com/blog/test-data/generating-test-credit-card-numbers/</A></LI> </UL> Mon, 20 Apr 2015 21:12:36 GMT https://community.splunk.com/t5/Security/Masking-credit-cards/m-p/78280#M2602 sachol 2015-04-20T21:12:36Z