Sensitive Data Collection and Security for On-premises Deployment
The Splunk AppDynamics On-Premises solution is for customers who want to maintain full control over their deployment of the software. With this type of implementation, Splunk AppDynamics has no access to the software or the data it collects and processes. Customers subject to strict regulatory requirements for data security may want to consider an on-premises solution. On-premises customers are responsible for encrypting their data by using either self-encrypting drives or other non-product solutions.
Role-based Access Control
You can use role-based access controls (RBAC) to limit the number of users who can access data collection features. The controls let you restrict a user's access to specific functions, data, analytics queries, and APIs.
You can control user access to data by specifying permissions for each user role. To configure user access, navigate to Settings > Administration. See Analytics and Data Security and Manage Custom Roles.
Suppress Raw SQL Capture
Application Monitoring collects raw SQL as prepared statements captured with dynamic parameters bound to runtime values.
You can disable the capture of raw SQL if it contains sensitive data. When you disable raw SQL capture, the SQL call appears in its original form, but with question mark parameters in place of sensitive data.
To disable the capture of raw SQL for an application, navigate to Configuration > Instrumentation > Call Graph Settings > SQL Capture Settings. Uncheck Capture Raw SQL.
You can also disable bind variable capture. Bind variables are placeholders for literal data in your SQL statements. When you disable bind variable capture, the values of bind variables are not displayed. For more information, see Call Graph Settings.
Hide Query Literals
Database Visibility hides query literals by default since queries can contain sensitive user data.
To verify that query literals are hidden for a database, navigate to Configuration. In the Security section, ensure that you have chosen Remove literals from the queries. See Configure Query Literals Security.
You may also want to use bind variables as placeholders for literal data in your SQL statements.
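The following added example (not Splunk AppDynamics code) checks SQL text, as it appears after capture, for string or numeric literals that survived the raw SQL and query literal settings described above. It assumes ANSI-style quoting; the function names and sample statements are constructed for illustration.

```python
import re

# One left-to-right pass: comments and double-quoted identifiers are consumed
# and ignored; single-quoted strings and standalone numbers are reported.
TOKEN = re.compile(r"""
    (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<ident>"(?:[^"]|"")*")
  | (?P<string>'(?:[^']|'')*')
  | (?P<number>(?<![\w.])\d+(?:\.\d+)?(?![\w.]))
""", re.VERBOSE | re.DOTALL)

def residual_literals(sql):
    """Return the literal values still present in one SQL statement."""
    return [m.group() for m in TOKEN.finditer(sql)
            if m.lastgroup in ("string", "number")]

def unmasked_statements(statements):
    """Map each statement that still carries literals to those literals."""
    report = {}
    for sql in statements:
        found = residual_literals(sql)
        if found:
            report[sql] = found
    return report

# Constructed sample statements (not taken from any real system).
SAMPLES = [
    "SELECT * FROM users WHERE ssn = ? AND age > ?",
    "SELECT * FROM users WHERE name = 'O''Brien' AND age > 41",
    'SELECT col1 FROM t2 WHERE "order 2024" = ? -- was 1234',
]

if __name__ == "__main__":
    for sql, literals in unmasked_statements(SAMPLES).items():
        print("literal values present:", literals, "in:", sql)
```

Digits inside identifiers such as col1 or t2 are not reported, and an empty result from unmasked_statements means every statement carried only question mark parameters.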
Exclude Error Logs
Application Monitoring logs exceptions and errors that match parameters you specify in your custom logger. You may want to exclude sensitive payload data so that it does not show up in error logs.
To exclude a class in your application:
- Navigate to Tiers & Nodes > Actions > Configure App Server Agent.
- Select Use Custom Configuration.
- Click ( + ) to create a new agent property.
- Set the agent property name to exceptions-to-ignore.
- Set the agent property value to the name of the class you want to exclude.
See Error Detection.
Mask Log Analytics Values
When configured, Application Analytics collects performance data from your app server agents, data from your log files, and performance and sessions data from End User Monitoring. You can mask sensitive information in your log analytics data.
To mask log analytics data:
- Navigate to Analytics > Configuration > Log Analytics > Source Rules.
- Click the source rule that you want to specify masking for.
- In the Field Management tab, next to ThreadName, you can specify the starting and ending position of the data you want to mask, and the character to use as the masking value.
See Configure Log Analytics Using Source Rules.
Disable the Data Collector
You can suppress data collection of HTTP request payloads, raw SQL, and other user data.
For the Java Agent, configure the disabled-features node property in the Controller UI.
For the .NET Agent, edit the config.xml file and set the disabled-features property to the names of features that you want to disable.
<property name="disabled-features" value="RAW_SQL,LOG_PAYLOAD,METHOD_INV_DATA_COLLECTOR,HTTP_DATA_COLLECTOR,CUSTOM_EXIT_SNAP_DATA"/>
See App Agent Node Properties Reference and .NET Agent Configuration Properties.
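The following added example (not part of the product or its documentation) audits a .NET Agent config.xml for the disabled-features property and reports which of the feature names shown above are not listed. The function names, the wrapper elements in the sample, and exact-case matching of feature names are assumptions.

```python
import xml.etree.ElementTree as ET

# Feature names copied from the sample property value on this page.
REQUIRED = {"RAW_SQL", "LOG_PAYLOAD", "METHOD_INV_DATA_COLLECTOR",
            "HTTP_DATA_COLLECTOR", "CUSTOM_EXIT_SNAP_DATA"}

def local_name(tag):
    """Drop an XML namespace prefix such as '{uri}property'."""
    return tag.rsplit("}", 1)[-1]

def audit_disabled_features(xml_text, required=REQUIRED):
    """Return one finding per disabled-features property in the document.

    An empty list means the property is absent, so nothing is suppressed.
    Names are compared exactly (assumption: matching is case-sensitive).
    """
    findings = []
    for el in ET.fromstring(xml_text).iter():
        if local_name(el.tag) == "property" and el.get("name") == "disabled-features":
            listed = {f.strip() for f in el.get("value", "").split(",") if f.strip()}
            findings.append({
                # Required features that are still collecting data.
                "missing": sorted(required - listed),
                # Names outside the required set: typos, or features
                # that this page does not list.
                "unexpected": sorted(listed - required),
            })
    return findings

# Constructed sample: the wrapper elements are placeholders, not the real
# config.xml schema; only the <property> element follows the page.
SAMPLE_PARTIAL = """
<agent-config xmlns="urn:example:constructed">
  <properties>
    <property name="disabled-features" value="RAW_SQL, log_payload"/>
  </properties>
</agent-config>
"""

if __name__ == "__main__":
    for finding in audit_disabled_features(SAMPLE_PARTIAL):
        print(finding)
```

Run it against each deployed config.xml after a change; a finding with a non-empty missing list means those collectors are still active on that host.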
Filter Sensitive Data in Environment Variables
You can mask sensitive data found in Java environment variables and system properties. To mask sensitive data, add the sensitive-data-filter property to app-agent-config.xml. The valid attributes are applies-to, match-type, and match-pattern.
See the following pages to learn how to filter sensitive data:
- Filter Sensitive Data (Java Agent)
Data Privacy Policy Dialog
Data collection has regulatory, legal, and customer-defined policies that you must follow. Splunk AppDynamics provides a data privacy policy reminder, in the form of a UI dialog, when you or your users configure parts of the Splunk AppDynamics products that could be used to collect regulated or other protected information.
This customizable statement is present in all areas of the Splunk AppDynamics UI where you can configure data collection. Splunk AppDynamics displays a default message if you have not made any customizations.
Splunk AppDynamics logs an event when it displays the data privacy policy dialog to you or another user.