This page applies to an earlier version of the AppDynamics App IQ Platform.
For documentation on the latest version, see the 4.4 Documentation.


On this page:

Your Rating:
Results:
PatheticBadOKGoodOutstanding!
32 rates
The AppDynamics Java Agent sends environment variable and system property data for the JVM to the Controller.  Such environment data is useful for diagnosis and troubleshooting but sometimes security considerations require you to filter sensitive information from view in the Controller.

Default Sensitive Data Filters

When you enable a sensitive data filter, the Controller displays asterisks for the values of matching environment variables or system properties.  By default, the Java Agent enables two sensitive data filters in the app-agent-config.xml:

  • Environment variables or system properties that contain the case insensitive substring "password".
  • Environment variables or system properties that contain the case insensitive substring "key".
<sensitive-data-filters>
        <sensitive-data-filter applies-to="environment-variables,system-properties"
                               match-type="CONTAINS"
                               match-pattern="password"/>
 
        <sensitive-data-filter applies-to="environment-variables,system-properties"
                               match-type="CONTAINS"
                               match-pattern="key"/>
</sensitive-data-filters>

 

Add a Sensitive Data Filter

  1. Edit versioned app-agent-config.xml file: <agent_home>/<version_number>/conf/app-agent-config.xml.
  2. Add a Sensitive Data Filter element as a child of the Sensitive Data Filters element as follows:
    • Specify a comma separated list in the applies-to attribute to filter the following:

      environment-variables

      system-properties

    • Set the match-type attribute as follows:

      EQUALS

      CONTAINS

      STARTSWITH

      ENDSWITH

    • Specify a string to match for the match-pattern attribute. String matches are case insensitive. The pattern matches against the environment variable and system property names, not values.

  3. Restart the JVM.

In the example below, the Java Agent checks for system properties and environment variables beginning with the string "DB_". The Controller displays the values of matching environment variables and system properties as asterisks. For instance, an environment variable "DB_USER".

<sensitive-data-filter applies-to="environment-variables,system-properties"
                                    match-type="STARTSWITH"
                                    match-pattern="DB_"/>
  • No labels