Solved: Mask Sensitive Data in URLs

Kay_Koedel · ‎12-09-2019

We want to mask sensitive data that comes with URLs or Params to our services.

The Sensitive Data can be Found with regex.

This can come at any part of a url

for example:

http://server.com/endpoint/sensitiv/get

http://server.com/endpoint/get/sensitiv/

We want to add a rule that masks all the URLs with *

http://server.com/endpoint/sensitiv123/get --> BT /endpoint/***/get

http://server.com/endpoint/get/sensitiv456/ --> BT /endpoint/get/***

I found the documentation:

https://docs.appdynamics.com/display/PRO45/Filter+Sensitive+Data

But it is not working. Can you give an example of how it will work for the given examples?

Kay_Koedel · ‎12-11-2019

It was told by Appd Support that this is not possible:

"If that is the case, then the sensitive data filter will not solve your purpose. Rather, you'll need to define custom Servlet BT detection rules based on the URI matching with a regular expression. Please refer to https://docs.appdynamics.com/display/PRO45/URI+Based+Entry+Points for more information on this."

View solution in original post

Kay_Koedel · ‎12-11-2019

It was told by Appd Support that this is not possible:

"If that is the case, then the sensitive data filter will not solve your purpose. Rather, you'll need to define custom Servlet BT detection rules based on the URI matching with a regular expression. Please refer to https://docs.appdynamics.com/display/PRO45/URI+Based+Entry+Points for more information on this."

Mask Sensitive Data in URLs

Controller

Licensing

User Management

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

Developer Spotlight with Mika Borner

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

Join the Conversation