PII Masking
This action processes a list of PII categories to be masked from the traces.
Considerations
Before enabling pii masking, please note the following:
- This action masks span attribute values by replacing only the sensitive portions with
****
, while leaving the rest of the value intact. - The regex used for masking are predefined for each PII category and cannot be configured.
- Currently, only trace signals are supported.
- All span attribute values in every span will be examined and masked accordingly.
Use Cases
Security
- By default, OpenTelemetry should not record PII (Personally Identifiable Information) or sensitive data such as passwords, api tokens, etc. However, if the data is accidentally added to the telemetry signals, or if a manual instrumentation recorded it into an attribute, this action can be used to mask such data.
Legal and Compliance
- Ensure compliance with legal and privacy.
- Payment Card Industry (PCI) Data Security Standards prohibit logging certain things or storing them unencrypted.
Configuration Options
actionName
actionName
actionName string
: Allows you to attach a meaningful name to the action for convenience.
- This field is
- Odigos does not use or assume any meaning from this field
notes
notes
notes string
: Allows you to attach notes regarding the action for convenience.
- This field is optional
- Odigos does not use or assume any meaning from this field
disabled
disabled
disabled boolean
: Allows you to temporarily disable the action, but keep it saved for future use.
- This field is optional, and defaults to
false
signals *
signals *
signals string[]
: An array with the signals that the processor will act on.
- This field is required
- Supported values:
TRACES
piiCategories *
piiCategories *
piiCategories string[]
: An array of strings representing the PII Category you want to mask.
- This field is required
- The available PII categories are:
CREDIT_CARD
- mask Visa and MasterCard credit card numbers
Can’t find the PII category you need? Please Contact us and we will add it for you
Basic Example
The following example demonstrates how to configure the Pii Masking action to mask Visa and MasterCard credit card numbers from span attribute values.
Create a YAML file with the following content:
Apply the action to the cluster: