question

Mike L. avatar image
Mike L. asked ·

Can you obfuscate a part of a server-side outbound URL?

Hello,

Is it possible to hide a part of a URL? See the blue parts of the below screenshot for an example:

I was considering the Resource URL cleanup rules, but I don't know if that would apply here as it was created for another use case (I cannot test it due to that functionality not being available yet in the cluster).

Kind regards,
Mike

configurationmonitoringservicesgui
sensitive-urls.png (135.0 KiB)
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Alexander S. avatar image
Alexander S. answered ·

Hi Mike,

The resource cleanup rules are only available for real user monitoring data.

Alex

1 comment Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Thanks, I thought as much but I hoped that it could be (mis)-used for this goal :)

0 Likes 0 · ·
Michael K. avatar image
Michael K. answered ·

is this a cleanup question or security related one?

3 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Hi Michael, It is a security question.

0 Likes 0 · ·
@Michael L.,

GET parameters are obfuscated (replaced by '?') unless you have the "view confidential data" role assigned. POST parameters are never there. Hiding the URLs (or parts of them) would certainly lower value of using Dynatrace as problem solving tool. I can only imagine some cleanup rules (regex), that would mark parts of this URLs as confidential. I don't think this is available in Dynatrace at this time.

0 Likes 0 · ·

A regex rule that either removes it or at least marks it as confidential would be great. In this case the url's contain usernames of which user owns a bucket (look at it like an S3 bucket). The usernames are never to be linked back to a user action due to regulations.

0 Likes 0 · ·

Space Topics

mobile monitoring dotnet synthetic monitoring reports iis chat kubernetes servicenow amazon web services mysql mainframe rest api errors cassandra dashboard oneagent sdk cmc application monitoring openkit smartscape request attributes monitoring developer community user tagging log monitoring services ufo syntheticadvisory activegate ip addresses auto-detection high five award oracle hyperion webserver uem usql iib test automation license web performance monitoring ios news migration management zones index ibm mq web services custom event alerts notifications sso host monitoring knowledge sharing reports browser monitors java hybris sap vmware maintenance window user action naming javascript appmon ai synthetic classic availability tipstricks automation extensions session replay diagnostic tools permissions davis assistant faq documentation problem detection http monitors server easytravel apdex aws-quickstart network docker tags and metadata cloud foundry google cloud platform synthetic monitoring process groups account usability dynatrace saas gui paas openshift key user actions administration user actions postgresql synthetic locations oneagent security Dynatrace Managed user management custom python technologies mongodb openstack user session monitoring continuous delivery citrix configuration alerting NGINX action naming linux nam installation masking error reporting database mission control jmeter recorder apache mobileapp RUM php threshold azure purepath davis scripting agent aix nodejs android