Create policies consisting of rules and rule actions for discovering and classifying sensitive data.
About this task
Classification policies contain ordered sets of rules and rule actions that identify
and take actions on sensitive data. Each rule in a policy defines a conditional action that is taken
when the rule matches. The conditional test can be simple, for example a wildcard string found
anywhere in a table or collection, or a complex test that considers multiple conditions.
For discover sensitive data scenarios, the action triggered by a rule can be a grouping action that
adds the matches to a specified group or an alerting action that triggers a notification. Multiple
grouping and alerting actions can be combined and ordered to create sophisticated responses to
matched rules.
This task guides you through the processes of creating and editing classification rules and rule actions for use in your discovery scenario.
Procedure
- Open the What to discover section to define rules for discovering data.
-
Use the Language menu to filter rule templates by the selected language
and countries where the selected language is a national language.
Templates for universal patterns like credit card numbers and email addresses are displayed
for all Languge menu selections.
-
Add rules to your discovery scenario or edit existing rules by doing one of the
following:
- Click the icon to create a new rule.
- Select rules from the Classification Rule Templates table and click
the icon to add predefined rules.
- Click the icon to edit an existing rule.
-
When adding or editing classification rules, use the following procedure.
-
Select a Rule type based on the type of search being performed.
- Search for data matches specific patterns or values in the data.
The
following data types are supported when searching for data:
BIGINT |
NUMERIC |
CHAR |
NVARCHAR |
DATE |
NVARCHAR2 |
DECIMAL |
REF |
DOUBLE |
SMALLINT |
FLOAT |
TIME |
INTEGER |
TIMESTAMP |
LONGVARCHAR |
TINYINT |
NCHAR |
VARCHAR |
NUMBER |
VARCHAR2 |
- For relational-type datasources,
Catalog search matches table or column names in the database. For
document-type datasources, Catalog search matches collection or field names
in the database.
- Search for unstructured data matches specific values or patterns in an
unstructured data file, for example CSV, TXT, or CEF files. Search for unstructured
data rules only work with datasources using the database type
TEXT.
-
Provide a name and description while optionally specifying a special pattern test
at the beginning of the Name field. The rule name will also be used to name
the rule associated with the classification policy in the Classification Policy
Builder. If you require a special pattern test, it is recommended that you work with its
corresponding template (for example, use Bank Card - Credit Card Number for credit card
numbers).
-
Open the Rule Criteria section to define a regular
expression and other search criteria for the rule. If you are working with a rule template,
an appropriate regular expression is provided by default.
Attention: For rules created in the discover sensitive data scenario, the default
Data type includes both Number and
Text.
-
Open the Actions section and define any rule actions that
should be taken when rule criteria match.
-
When defining multiple rule actions, you can optionally click the icon and use the and icons to change the order in which the actions are executed.
Note: The Ignore and Log result
rule actions cannot be combined with other rule actions and must be used
as the only action in a rule. The Log policy violation
rule action can only be used once in a rule.
-
Click Save when you are finished adding or editing rule definitions to
return to the What to discover section of the discovery scenario.
- Optionally click the icon and use the and icons to change the order in which rules are applied. Rule order is important as the default behavior stops rule execution after the first match unless Continue on match is selected under Rule criteria.
What to do next
Continue to the next section of the discovery scenario, Where to search.