Sensitive data definitions are not retroactive. They will hide strings in subsequent log messages, but will not affect existing log messages. |
Variable | Description | Default |
<custom-sensitive-rule_name> | Type the name of a new or existing rule. The maximum length is 35 characters. To display the list of existing rules, type: edit ? | No default. |
expression "<sensitive-type_pattern> | Type a regular expression that matches all and only the strings or numbers that you want to obscure in the packet payloads. For example, to hide a parameter that contains the age of users under 13, you could enter: age\=[1-13] Expressions must not start with an asterisk ( * ). The maximum length is 255 characters. | No default. |
type {field‑mask‑rule | general‑mask-rule} | Select either general-mask-rule (a regular expression that will match any substring in the packet payload) or field-mask-rule (a regular expression that will match only the value of a specific form input). If you select general‑mask-rule, configure expression "<sensitive-type_pattern>. If you select field-mask-rule, configure field-name "<parameter-name_pattern>" and field-value "<parameter-value_pattern>". | general-mask-rule |
field-name "<parameter-name_pattern>" | Type a regular expression that matches all and only the input names whose values you want to obscure. (The input name itself will not be obscured. If you wish to do this, use general-mask-rule instead.) The maximum length is 255 characters. | No default. |
field-value "<parameter-value_pattern>" | Type a regular expression that matches all and only the input values that you want to obscure. The maximum length is 255 characters. For example, to hide a parameter that contains the age of users under 13, for field-name "<parameter-name_pattern>", you would enter age, and for field-value "<parameter-value_pattern>", you could enter [1-13]. Valid expressions must not start with an asterisk ( * ). Caution: Field masks using asterisks are greedy: a match for the parameter’s value will obscure it, but will also obscure the rest of the parameters in the line. To avoid this, enter an expression whose match terminates with, but does not consume, the parameter separator. For example, if parameters are separated with an ampersand ( & ), and you want to obscure the value of the field name username but not any of the parameters that follow it, you could enter the field value: .*?(?=\&) This would result in: username****&age=13&origurl=%2Flogin | No default. |