Anonymizing sensitive data if audit snapshots are generated for internal purposes

Edit online

9.2.38 Available from 9.2.38.

If you leverage audit snapshots for integration scenarios around IBM software asset management, you can anonymize sensitive data so that it is not included in the snapshot.

Before you begin

Important: Anonymized reports are not accepted by IBM to comply with the terms of Passport Advantage Agreement for reporting of Virtualization Capacity nor to prove Partial Renewal of Software Subscription and Support renewals. You need to obtain a formal approval from IBM. To obtain the approval, write an e-mail to talk2sam@us.ibm.com.
User role Permissions
  • You must be an Administrator to enable anonymizing data in the audit snapshot.
  • You must have the following permissions to generate the audit snapshot:
    • View License Metric to open the All Metrics report.
    • View Audit Trail if you want the snapshot to contain the audit trail file.
Anonymized data
The following data is anonymized:
  • Server names
  • Computer names
  • IP addresses

Procedure

  1. To enable anonymizing sensitive data in the audit snapshot, perform the following steps.
    1. In the top navigation bar, hover over Management, and click Advanced Server Settings.
    2. Set the value of the obfuscation_of_audit_snapshot_report_allowed_from_ui parameter to True.
    3. Optional: To include a file that allows to re-identify the data in the audit snapshot, set the value of the include_mapping_file_to_obfuscated_audit_snapshot_report parameter to True.
    4. Click Save.
  2. To generate the audit snapshot with anonymized data, perform the following steps.
    1. In the top navigation bar, hover over Reports, and click All Metrics.
    2. Click Audit Snapshot.
    3. Select the following option, and click Generate.
      • For application update 9.2.38, select Obfuscate.
      • For application update 9.2.39 or later, select Anonymize.

Results

Server names, host names, and computer IP addresses are anonymized in the files that are a part of the audit snapshot. If you chose to include a file that allows to de-anonymize the data, the snapshot also contains the following file:
  • For application update 9.2.38, the file is obfuscated_data.csv.
  • For application update 9.2.39, the file is anonymized_data.csv.
You can use the file to map the anonymized data back to the original data.