Skip to content

Commit

Permalink
Update scanning rules instructions (#25810)
Browse files Browse the repository at this point in the history
* update scanning rules instructions

* Update content/en/sensitive_data_scanner/_index.md
  • Loading branch information
maycmlee authored Oct 18, 2024
1 parent 13a22eb commit fdad15b
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
8 changes: 4 additions & 4 deletions content/en/sensitive_data_scanner/_index.md
Original file line number Diff line number Diff line change
Expand Up @@ -150,18 +150,17 @@ To add scanning rules, perform the following steps:

The Scanning Rule Library contains predefined rules for detecting common patterns such as email addresses, credit card numbers, API keys, authorization tokens, and more.

1. Select a scanning group if you did not create this rule within a scanning group.
1. In the **Add library rules to the scanning group** section, select the library rules you want to use.
1. In the **Define rule target and action** section, select if you want to scan the **Entire Event** or **Specific Attributes**.
- If you are scanning the entire event, you can optionally exclude specific attributes from getting scanned.
- If you are scanning specific attributes, specify which attributes you want to scan.
{{% sds-scanning-rule %}}
1. Click **Add Rules**.

{{< /collapse-content >}}
{{< collapse-content title="Add a custom scanning rule" level="p" >}}
You can create custom scanning rules using regex patterns to scan for sensitive data.

1. In the **Define match conditions** section, specify the regex pattern to use for matching against events in the **Define regex** field. Enter sample data in the **Regex tester** field to verify that your regex pattern is valid.
1. Select a scanning group if you did not create this rule within a scanning group.
1. In the **Define match conditions** section, specify the regex pattern to use for matching against events in the **Define the regex** field. Enter sample data in the **Add sample data** field to verify that your regex pattern is valid.
Sensitive Data Scanner supports Perl Compatible Regular Expressions (PCRE), but the following patterns are not supported:
- Backreferences and capturing sub-expressions (lookarounds)
- Arbitrary zero-width assertions
Expand All @@ -173,6 +172,7 @@ You can create custom scanning rules using regex patterns to scan for sensitive
- The `\K` start of match reset directive
- Callouts and embedded code
- Atomic grouping and possessive quantifiers
1. For **Create keyword dictionary**, add keywords to refine detection accuracy when matching regex conditions. For example, if you are scanning for a sixteen-digit Visa credit card number, you can add keywords like `visa`, `credit`, and `card`. You can also require that these keywords must be within a specified number of characters of a match. By default, keywords must be within 30 characters before a matched value.
{{% sds-scanning-rule %}}
1. Click **Add Rule**.
{{< /collapse-content >}}
Expand Down
4 changes: 3 additions & 1 deletion layouts/shortcodes/sds-scanning-rule.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
1. For **Create keyword dictionary**, add keywords to refine detection accuracy when matching regex conditions. For example, if you are scanning for a sixteen-digit Visa credit card number, you can add keywords like `visa`, `credit`, and `card`. You can also require that these keywords must be within a specified number of characters of a match. By default, keywords must be within 30 characters before a matched value.
1. In the **Define rule target and action** section, select if you want to scan the **Entire Event** or **Specific Attributes**.
- If you are scanning the entire event, you can optionally exclude specific attributes from getting scanned.
- If you are scanning specific attributes, specify which attributes you want to scan.
1. For **Define actions on match**, select the action you want to take for the matched information. **Note**: Redaction, partial redaction, and hashing are all irreversible actions.
- **Redact**: Replaces all matching values with the text you specify in the **Replacement text** field.
- **Partially Redact**: Replaces a specified portion of all matched data. In the **Redact** section, specify the number of characters you want to redact and which part of the matched data to redact.
Expand Down

0 comments on commit fdad15b

Please sign in to comment.