Enabling the redaction of sensitive data

Telemetry Publisher and Databus Producer collect diagnostic data from logs, job configurations, and SQL queries, and then send this data to Cloudera Observability. As this diagnostic information may contain sensitive information it is important to mask this data before it is sent to Cloudera Observability.

Describes how to redact your sensitive data in the Cloudera Management Console.

By default, the Cloudera Management Console provides the following default anonymization rules that mask the following using regular expression patterns and replacement strings:
  • email addresses
  • credit card numbers
  • Social Security numbers
  1. Verify that you are logged in to the Cloudera Data Platform.
  2. From the Your Enterprise Data Cloud landing page, select the Management Console tile.
  3. From the Navigation panel, select Global Settings and then the Telemetry tab.
  4. Verify that the Workload Analytics and the Deployment Cluster Logs Collection options are enabled.
  5. In the Anonymization rules section, click New rule and add your regex pattern and its replacement string.
  6. Test your rule in the Test rules section, by doing the following:
    1. In the Input test text box, enter an example string that contains sensitive content.
    2. Click Test all rules.

      The Anonymized result text box is populated with your example and its sensitive data is masked by the replacement string that you defined in your anonymization rule.

  7. Optional: Add more rules.
  8. Click Save Changes.