question

Wei D. avatar image
Wei D. asked ·

obfuscate SQL Binding Values but not SQL statement

Hi All,

Is there any way to only obfuscate SQL Binding Values but leave SQL statement as plain text in DT 6.3, right now, it is the all or nothing setting in the Credential String configuration?

Thanks,

6.3
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Andrew M. avatar image
Andrew M. answered ·

Hi Ding, this is still the case in AppMon April 2018 and is by design.

Bind values are only seen if you turn on capturing bind values in the DB driver sensor properties. At least in the case of JDBC, capturing bind values is turned OFF by default. Therefore you may safely uncheck the option for SQL Binding Values in the Confidential Strings settings to display the SQL statement if you are not doing SQL bind value capturing. I cannot imagine that capturing bind values is very common on production systems anyhow.

Regards,

Andrew


Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Florent D. avatar image
Florent D. answered ·

yes, I'm look at this one too and on 6.5 selecting "SQL binding keys" does nothing.

However "SQL binding values" obfuscates everything (SQL and keys).

It must be a bug.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Fran H. avatar image
Fran H. answered ·

Hi Dave and Ding. Did you ever confirm if this is the expected behaviour or if the whole SQL sentence is supposed to be obfuscated? I have a customer that came across this behaviour and they were asking for the exact same thing.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Dave M. avatar image
Dave M. answered ·

This seems like a bug to me. I turned on confidentiality for only "SQL Binding Values" and the entire SQL statement except for the operation (select, insert, etc) was obfuscated.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.