cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This product reached the end of support date on March 31, 2021.

How to Mask sensitive information in Database query

tarun_agastya1
Inactive

Hi,

We are seeing sensitive information in DB query's.Can someon help us how can we mask these data.

Thanks,

Tarun

2 REPLIES 2

JamesKitson
Dynatrace Leader
Dynatrace Leader

In the server level settings within the settings tab there is an area where you can mark confidential strings and SQL values should all be set that way by default. You will use permissions to specify who if anyone can view these confidential strings but that will apply to all of the strings you see checked there.

Really what I would recommend is to not capture bind values at all in any production environment (set in the JDBC or ADO.NET sensor configurations) partly due to data privacy issues as you have noted but also because this is a lot of extra data that the server has to handle and probably will not be all that helpful in triaging in production. In pre-prod environments it is fine to continue capturing this.

James

Hi Tarun, Also, check if you have disabled bind value capturing or not. This needs to be disabled in production. (Also, the application should use the prepared statements. But that is remotely related to your issue.)

Regards, Rajesh.