To hide or delete sensitive information from the captured traffic data in a on-premises environment, you configure a confidentiality policy on a Collector. If you are using Application Performance Management as a service, you configure a confidentiality policy by modifying the scrubbing_rules.conf file on the Cloud Probe computer.
Under the #Traffic
section, set the value of SYSTEM.PROPERTIES.EPX.probe.conf-collector-policies-listener-interval
parameter to “0”.
Tip
When you set the SYSTEM.PROPERTIES.EPX.probe.conf-collector-policies-listener-interval
parameter to a non-zero value (for example, 30), the Cloud Probe will override the contents of the probe_properties.conf file with configuration from Real User Collector every 30 seconds.
Now, the Cloud Probe takes the confidentiality policies configuration from the scrubbing_rules.conf file disregarding the configuration defined in the Real User Collector.
The Cloud Probe starts using confidentiality policies from the configuration file.
The system can hide or delete private data according to the rules that you configure for each of the following traffic elements:
The following behaviors are observed:
At the end of each section, define the DEFAULT (catch-all) rule.
When specifying a field, use asterisk (*) to identify zero or more characters.
For example, user*
mask will filter fields such as user
, user1
, userid
, and so on.
############################ # Cookie scrubbing rules COOKIE [jsessionid]=KEEP COOKIE [aspsessi*]=KEEP COOKIE [asp*sessionid]=HASH COOKIE [*tltuid*]=DELETE COOKIE [sid]=DELETE_VALUE COOKIE [OAX]=DELETE COOKIE [VISITOR_INFO1_LIVE]=DELETE_VALUE COOKIE [PREF]=DELETE COOKIE DEFAULT=KEEP ############################ # Post-Params scrubbing rules POST_PARAMS [user*]=HASH POST_PARAMS [password]=HASH POST_PARAMS DEFAULT=HASH ############################ # URI-Query-Params scrubbing rules URI_QUERY_PARAMS [user*]=HASH URI_QUERY_PARAMS [password]=HASH URI_QUERY_PARAMS DEFAULT=HASH ############################ # URI-Path-Params scrubbing rules URI_PATH_PARAMS [user*]=HASH URI_PATH_PARAMS [password]=HASH URI_PATH_PARAMS DEFAULT=HASH
Warning
Rules priority
aspsessionid
cookie falls under two rules, COOKIE [aspsessi*]=KEEP
and COOKIE [asp*sessionid]=HASH
. So, this cookie will be kept because the KEEP
rule stands higher than HASH
.Contents of the rules configuration file must end with an empty line.