Question
JPMC
IN
Last activity: 18 May 2018 11:37 EDT
Issues during suppressing/masking the ParameterPage values for PEGA0001 alert log entries
Issues during suppressing/masking the ParameterPage values for PEGA0001 alert log entries
I have tried below setting but not working as expected. Appreciate any help on this
I have set the DSS value to obfuscate - prconfig/alerts/parameterpage/remotefiltertype/default and restarted the server
It didn’t work and tried to update the prconfig.xml file and restarted the server including cache clear. This is also not working as expected.
<env name="alerts/parameterpage/remoteFilterType" value="obfuscate" />
We are using PEGA 7.1.7
Thanks & Regards,
Nagarjuna Bodduna
-
Like (0)
-
Share this page Facebook Twitter LinkedIn Email Copying... Copied!
EPAM Systems, Inc.
ES
Hi Nagarjuna,
Thanks for posting on PSC.
Add the following setting to prconfig.xml to suppress the sensitive property values:
<env name="alerts/database/operationTimeThreshold/suppressInserts" value="true" />
This setting will suppress the sensitive property values (and replace them with question marks).
To suppress information in parameters, add the following setting to prconfig.xml:
<env name="alerts/general/includeparameterpage" value="false" />
This setting determines if the parameter page of the top-most stackframe will be included in the ALERT log when the alert is generated.
Re-start the server after changes made.
Try using configuration. Hope it helps. Kindly notify, if it does.
Regards,
Asif
JPMC
IN
It's working fine for DB alerts and we already deployed. Only issues with PEGA0001 (web interaction alerts) alerts. We already updated the prconfig file with below entry, but no luck
<env name="alerts/general/includeparameterpage" value="false" />
Pegasystems Inc.
IN
Did you try with the Default value allowed
the DSS prconfig/alerts/parameterpage/remoteFilterType/default should be set to "obfuscate". The default value is "allowed"
JPMC
IN
I have tried with this option by changing the default value allowed to obfuscate but it's not working as expected. I have mentioned the same in my initial post as well. Any inputs really appreciate.
Pegasystems Inc.
IN
Hello Nagarjuna,
The following prconfig entry will do obfuscation of parameter values
<envname="alerts/parameterpage/remoteFilterType" value="obfuscate" />.
You can specify the parameters to obfuscate in the alert logs using
<envname="alerts/parameterpage/obfuscateKeywords" value="" />
,The value should contain the parameter names separated by semi-colon.
Thanks,
Arun
Pegasystems Inc.
IN
I forgot to mention you missed below entry in the prconfig/DSS to obfuscate the parameters in alert logs.
<envname="alerts/parameterpage/obfuscateKeywords" value="" />
Thanks,
Arun
JPMC
IN
I have tried with this option, no luc. Still i'm seeing the data in PEGA0001 alerts
Pegasystems Inc.
US
In the 8.1 the white list using allowed keywords of the parameter page will be the default for both the file system and PDC/AES. This will resolve the security issue of data in the filesystem for alerts. There are also hotfixes available to make white list the only option for the filesystem.