BindPlane OP

How to Mask Sensitive Data in Logs with BindPlane OP Enterprise

Ryan Goins
Ryan Goins
Share:

Logs often contain sensitive data, including personally identifiable information (PII) such as names, email addresses, and phone numbers. To maintain security and comply with data protection regulations, it’s crucial to mask this data before storing it in your log analytics tool. BindPlane OP streamlines this process with the Mask Sensitive Data processor, ensuring your logs are safe and compliant.

Step 1: Identify the Sensitive Data to Mask

First, identify the sensitive data in your logs that you want to mask. Use the Snapshots feature in BindPlane OP Enterprise to examine the logs flowing through your pipeline:

  1. You can just navigate to an agent page.
  2. Click “View Recent Telemetry” in the top right corner.
  3. You can browse the logs for the PII data you want to mask. In our example, we’re looking for email addresses to conceal.

Step 2: Add the Mask Sensitive Data Processor

Once you have identified the sensitive data to mask, it’s time to add the Mask Sensitive Data processor to your pipeline:

  1. Return to the configuration page and click on a processor node in your pipeline.
  2. Processors can be added immediately after a source or before a destination, offering complete flexibility over the affected data. You can choose the location in the pipeline that best suits your needs.
  3. Click “Add Processor.”
  4. Select “Mask Sensitive Data.”

Step 3: Configure the Processor

By default, BindPlane OP includes rules to mask credit card numbers, email addresses, phone numbers, SSNs, and IP addresses. Customize the processor’s configuration to suit your specific requirements:

  1. Modify the rules by removing any unnecessary ones or adding custom rules using regex.
  2. Review the available masking options and choose the best fit for your needs.
  3. Click “Done,” followed by “Save.”

Step 4: Validate the Masking Process

After applying the Mask Sensitive Data processor to your pipeline, ensure that it is working correctly:

  1. Use Snapshots again to inspect the data stream.
  2. Verify that the sensitive data is being masked as intended. If successful, masked values should resemble the example below.

Protecting sensitive data in logs is critical to data security and compliance. With BindPlane OP’s Mask Sensitive Data processor, you can quickly identify, configure, and validate the masking process, ensuring that your logs remain secure and compliant while providing valuable insights for your organization.

Ryan Goins
Ryan Goins
Share:

Related posts

All posts

Get our latest content
in your inbox every week

By subscribing to our Newsletter, you agreed to our Privacy Notice

Community Engagement

Join the Community

Become a part of our thriving community, where you can connect with like-minded individuals, collaborate on projects, and grow together.

Ready to Get Started

Deploy in under 20 minutes with our one line installation script and start configuring your pipelines.

Try it now