Default: $SPLUNK_HOME/etc/anonymizer/public-terms.txt or %SPLUNK_HOME%\etc\anonymizer\public-terms.txt.Path and name of the file to anonymize.
#Anonymizer universal login windows
On both Windows and *nix, the optional parameters are defined as follows: You can customize the anonymizer by telling it what terms to anonymize, what terms to leave alone, and what terms to use as replacements. Wrote suggestions for dictionary to "c:\temp\INFO-suggestions.txt" Wrote dictionary scrubbed terms with replacements to "c:\temp\INFO-mapping.txt" Processing files: Īdding named entities to list of public terms: set() Wrote suggestions for dictionary to "/tmp/INFO-suggestions.txt"Ĭ:\>xcopy c:\apache\ c:\tempĬ:\Program Files\Splunk\bin>.\splunk anonymize file -source c:\temp\ Wrote dictionary scrubbed terms with replacements to "/tmp/INFO-mapping.txt" splunk anonymize file -source /tmp/messagesĪdding named entities to list of public terms: Set() It is good practice to copy the file somewhere safe (like /tmp or \temp) before performing this command. The easiest way to anonymize a file is with the anonymizer tool's defaults, as shown in the session below.įrom the CLI while you are in $SPLUNK_HOME/bin or %SPLUNK_HOME%\bin, type the following:
See About the CLI for instructions on accessing the Splunk Enterprise CLI. In Windows, a file \temp\messages becomes \temp\ANON-messages.Īnonymize is controlled from the Splunk Enterprise CLI. For example, /tmp/messages will be anonymized as /tmp/ANON-messages. For example, it might turn the string into anonymized file is written to the same directory as the source file, with ANON- prepended to its filename. The anonymize function combs through sample log files or event files to replace identifying data - like usernames, IP addresses, domain names - with fictional values that maintain the same word length and event type. Read about configuring search string redaction in. This lets Splunk Enterprise users share log data without revealing confidential or personal information from their networks.ĭiag by default removes some types of sensitive information from search strings in diag files. Splunk Enterprise has a few methods to anonymize data in files you send to Support. Anonymize data samples to send to Support
0 kommentar(er)
