Skip to content

DOCS-14732: Add Sensitive Data Scanner troubleshooting doc #37530

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
drichards-87 wants to merge 1 commit into
base: master
Choose a base branch
from
+34 −0
Draft

DOCS-14732: Add Sensitive Data Scanner troubleshooting doc #37530

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions config/_default/menus/main.en.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8483,6 +8483,11 @@ menu:
identifier: sds_guides
parent: sensitive_data_scanner
weight: 3
- name: Troubleshooting
url: /security/sensitive_data_scanner/troubleshooting/
identifier: sds_troubleshooting
parent: sensitive_data_scanner
weight: 4
- name: Synthetic Testing and Monitoring
url: synthetics/
pre: synthetics
Expand Down
29 changes: 29 additions & 0 deletions content/en/security/sensitive_data_scanner/troubleshooting.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
---
title: Troubleshoot Sensitive Data Scanner
description: Troubleshoot common Sensitive Data Scanner issues, including scanning rules that do not match data as expected and obfuscation actions that are unavailable.
further_reading:
- link: "/security/sensitive_data_scanner/setup/telemetry_data/"
tag: "Documentation"
text: "Set up Sensitive Data Scanner for Telemetry Data"
---

## A scanning rule does not match data as expected

If a Sensitive Data Scanner rule does not match data that you expect it to match, check the following causes:

- **Numeric values**: Sensitive Data Scanner does not scan integer, float, or double values. To scan a numeric value, store it as a string.
- **Attribute paths**: The `@` prefix used in log search queries is not supported in attribute path fields. Use `function.request.body.password`, not `@function.request.body.password`.
- **Tags**: Sensitive Data Scanner cannot scan tags directly. To scan a tag, remap the tag to an attribute first, and then scan the attribute. See [Redact sensitive data in tags][1] for the steps.

## An obfuscation action is unavailable

The Sensitive Data Scanner obfuscation actions are **Redact**, **Partially redact**, **Hash**, and **Mask**. If you cannot select one of these actions, check the following causes:

- **Sampling is enabled**: The **Redact**, **Partially redact**, **Hash**, and **Mask** actions are not available when a scanning group has sampling enabled. To use these actions, disable sampling in the scanning group settings so that all data matching the group query filter is scanned.
- **Mask is supported for logs only**: The **Mask** action is not available for APM, RUM, or Event Management data.

## Further reading

{{< partial name="whats-next/whats-next.html" >}}

[1]: /security/sensitive_data_scanner/setup/telemetry_data/#redact-sensitive-data-in-tags
Loading