An optional configuration to the Syslog and WS-M agents allows redaction patterns to be applied to all incoming messages before processing them in order to replace sensitive data with predetermined placeholders.
| Note |
|---|
Use this configuration with caution, since performing additional processing on incoming messages received from monitored devices might affect DPOD performance and functionality. |
Create the following configuration files:
Create the custom configuration file(s):
For Syslog agents:
/app/flume/syslog_agents/conf/custom.conf.For WS-M agents:
/app/flume/wsm_agents/conf/custom.conf.
Add the desired configuration to the file(s) in the following JSON format:
Code Block language json { "redactions": [ { "pattern": "<Search pattern (Regular Expression)>", "placeholder": "<Replacement Text>" }, { ... } ] }For example:
Code Block language json { "redactions": [ { "pattern": "card_number=[0-9]+", "placeholder": "card_number=xxx" }, { "pattern": "customer_id=[a-zA-Z0-9]+", "placeholder": "" } ] }
Restart the Syslog and WS-M agents using Command Line Interface (CLI) and make sure they are running after restart.