cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Mask sensitive HTTP header

gregg_kniss
Guide

Is it possible to mask a HTTP header? I am familiar with the Parameter masks section, but that seems like it's more for the query string rather than a header.

3 REPLIES 3

john_leight
Dynatrace Pro
Dynatrace Pro

Yes, http header data can be masked. Check out this link to the docs. It is for 12.2 but has the workflow and some examples. Hopefully this will answer where and how it is done.

@John L. I have read that and as I mentioned that is really specific to query string parameters. If it can be done for a header is it just "header_name", "header_name*", "header_name:", or "header_name:*". There is no example other than query string which is pretty straight forward.

Masking HTTP header data is a global setting, configured in the RUM Console by opening the AMD configuration. Navigate to Global->Front-End-Monitoring->Web->HTTP->Sequenced Transactions and Header Data. Depending on the version of DCRUM you may be in the correct place or have to also open the General settings in this section.

In the Parameter Masks add a mask for the entry for the text you wish to match. Add a * for what you want masked. For example, if you see (or know) that

password=mypassword

is in the header - you mask it by adding an entry:

password=*

In your example, I think either "header_name*" or "header_name:*" would work. The amd will match the text and then "*" the rest of the string up to a header parameter separator character.