Telemetry Publisher collects diagnostic data from logs, job configurations, and SQL queries, and then sends this data to Cloudera Observability. As this diagnostic information may contain sensitive information it is important to mask this data before Telemetry Publisher sends it to Cloudera Observability.
Data redaction works separately from Cloudera data encryption techniques. Data encryption alone does not preclude administrators with full access to the cluster from viewing sensitive user data. Redaction ensures that cluster administrators, data analysts, and others cannot see personally identifiable information (PII) or other sensitive data that is not within their job domain. At the same time, it does not prevent users with appropriate permissions from accessing data to which they have privileges.
In the event that redaction was disabled, such as during testing, Cloudera recommends that before you configure Telemetry Publisher you verify that redaction has not been disabled.