What to discover
Create policies consisting of rules and rule actions for discovering and classifying sensitive data.
About this task
Classification policies contain ordered sets of rules and rule actions that identify and take actions on sensitive data. Each rule in a policy defines a conditional action that is taken when the rule matches. The conditional test can be simple, for example a wildcard string found anywhere in a table or collection, or a complex test that considers multiple conditions. For discover sensitive data scenarios, the action triggered by a rule can be a grouping action that adds the matches to a specified group or an alerting action that triggers a notification. Multiple grouping and alerting actions can be combined and ordered to create sophisticated responses to matched rules.
This task guides you through the processes of creating and editing classification rules and rule actions for use in your discovery scenario.
- Open the What to discover section to define rules for discovering data.
Use the Language menu to filter rule templates by the selected language
and countries where the selected language is a national language.
Templates for universal patterns like credit card numbers and email addresses are displayed for all Languge menu selections.
Add rules to your discovery scenario or edit existing rules by doing one of the
- Click the icon to create a new rule.
- Select rules from the Classification Rule Templates table and click the icon to add predefined rules.
- Click the icon to edit an existing rule.
When adding or editing classification rules, use the following procedure.
Select a Rule type based on the type of search being performed.
- Search for data matches specific patterns or values in the data.The following data types are supported when searching for data:
BIGINT NUMERIC CHAR NVARCHAR DATE NVARCHAR2 DECIMAL REF DOUBLE SMALLINT FLOAT TIME INTEGER TIMESTAMP LONGVARCHAR TINYINT NCHAR VARCHAR NUMBER VARCHAR2
- For relational-type datasources,
Catalog search matches table or column names in the database. For
document-type datasources, Catalog search matches collection or field names
in the database.The following data types are supported for catalog searches.
ARRAY FLOAT RAW BIGINT INTEGER REAL BINARY LONG REF BIT LONG RAW SMALLINT BLOB LONGVARBINARY STRUCT BOOLEAN LONGVARCHAR TIME CHAR NCHAR TIMESTAMP CLOB NUMBER TINYINT DATE NUMERIC VARBINARY DECIMAL NVARCHAR VARCHAR DOUBLE NVARCHAR2 VARCHAR2
- Search for unstructured data matches specific values or patterns in an unstructured data file, for example CSV, TXT, or CEF files. Search for unstructured data rules only work with datasources using the database type TEXT.
- Search for data matches specific patterns or values in the data.
- Provide a name and description while optionally specifying a special pattern test at the beginning of the Name field. The rule name will also be used to name the rule associated with the classification policy in the Classification Policy Builder. If you require a special pattern test, it is recommended that you work with its corresponding template (for example, use Bank Card - Credit Card Number for credit card numbers).
Open the Rule Criteria section to define a regular
expression and other search criteria for the rule. If you are working with a rule template,
an appropriate regular expression is provided by default.
Attention: For rules created in the discover sensitive data scenario, the default Data type includes both Number and Text.
- Open the Actions section and define any rule actions that should be taken when rule criteria match.
- When defining multiple rule actions, you can optionally click the icon and use the and icons to change the order in which the actions are executed.
- Click Save when you are finished adding or editing rule definitions to return to the What to discover section of the discovery scenario.
- Select a Rule type based on the type of search being performed.
- Optionally click the icon and use the and icons to change the order in which rules are applied. Rule order is important as the default behavior stops rule execution after the first match unless Continue on match is selected under Rule criteria.