Masking API client

general

EnableMonitorRowCount

Boolean

Controls whether a job displays the total number of rows that are being masked. Setting this to false reduces the startup time of all jobs.

true

PasswordTimeSpan

Integer [0, ∞)

The number of hours a user is locked out for before they can attempt to log in again.

23

PasswordCount

Integer [0, ∞)

The number of incorrect password attempts before a user is locked out.

3

AllowPasswordResetRequest

Boolean

When true, users can request a password reset link be sent to the email associated with their account.

true

PasswordResetLinkDuration

Integer [1, ∞)

Controls how many minutes the password reset link is valid for.

5

NumSimulJobsAllowed

Integer [0, ∞)

Max number of jobs allowed to run simultaneously. Setting this number to zero will lead to a dynamically calculated limit based on the number of available CPU cores.

7

DefaultApiVersion

String

Used to set default API Version.
If the version is omitted from the base path of the request's URL, but wishes to be treated using a specific masking API version that is not the latest version, set the DefaultApiVersion application setting.
If the DefaultApiVersion is not set and the version is omitted from the URL, the latest version of the API on that engine will be used.
Sample API Version format is like v5.1.5 etc.

Blank

DataRetentionInterval

Integer [-1, ∞)

The length of time that specific historical data is retained.
This setting value is in integer days.
Certain log files and internal processing data are retained in case problem diagnosis is needed. Since we cannot keep this data indefinitely, this setting is the length of time that old data is retained. Data older than this will be purged on a periodic basis.
Special Values
-1 : disable this pruning method
 0 : each cleanup removes all files

60

DataRetentionMaxDirectorySize

Integer [-1, 100]

The percentage of disk space allowed for all logfiles located in specific directories.
This setting value is in integer percent.
For log files written to disk, the DataRetentionInterval setting (above) ensures that we keep these job log files for only a specific period of time. This setting avoids problems where significant activity in a short time might overwhelm avaiable disk space,.
This setting is a backstop to the DataRetentionInterval setting which is intended to be the primary driver for managing retention.
Special Values
-1 : disable this pruning method
 0 : each cleanup removes all files

10

algorithm

DefaultNonConformantDataHandling

String {DONT_MASK, FAIL}

Default algorithm behavior for Handling of Non-conformant Data patterns.

DONT_MASK

database

DB2zDateFormat

String

Default Date String format to use for DB2 zOS if the database is not using one of the pre-defined IBM DB2 zOS Date String formats. Default is ISO Date String format.

yyyy-MM-dd

ldap

Enable

Boolean

Used to enable and disable LDAP authentication

false

LdapHost

String

Host of LDAP server

10.10.10.31

LdapPort

Integer [0, ∞)

Port of LDAP server

389

LdapBasedn

String

Base DN of LDAP server

DC=tbspune,DC=com

LdapFilter

String

Filter for LDAP authentication

(&(objectClass=person)(sAMAccountName=?))

MsadDomain

String

MSAD Domain for LDAP authentication

AD

LdapTlsEnable

Boolean

Enable and disable the use of TLS for LDAP connections.

false

mask

DatabaseCommitSize

Integer [1, ∞)

Controls how many rows are updated (Batch Update) to the database before the transaction is committed.

10000

DefaultStreams

Integer [1, ∞)

Default number of streams for a masking job.

1

DefaultUpdateThreads

Integer [1, ∞)

Default number of database update threads for a masking job.

1

DefaultMaxMemory

Integer [1024, ∞)

Default maximum memory for masking jobs (in megabytes).

1024

DefaultMinMemory

Integer [1024, ∞)

Default minimum memory for masking jobs (in megabytes).

1024

CharStreamingBufferLimitRate

Integer [1, 50]

Used for calculating maximum allowed buffer size for Character streaming parsers to buffer data. Only used in JSON file and Document store type masking.

25

profile

EnableDataLevelCount

Boolean

When enabled (true), the Continuous Compliance Engine counts the number of rows in the profiled table. If the number of rows are less than or equal to DataLevelRows, then it uses the number of rows as the sample size. Otherwise, it uses DataLevelRows.

When disabled (false), the Continuous Compliance Engine uses DataLevelRows.

false

DataLevelRows

Integer [1, ∞)

The number of rows a data level profiling job samples when profiling a column.
The DataLevelRows will only take into account if

• EnableDataLevelCount is false.

• EnableDataLevelCount is true and number of rows is greater than DataLevelRows.

100

DataLevelPercentage

Double (0, ∞)

Percentage of rows that must match the data level regex to consider this column a match, and thus sensitive.

80.0

IgnoreDatatype

String

Datatypes that a profiling job should ignore. Columns of these types will not be assigned a domain/algorithm pair.

BIT,BOOLEAN,CHAR#1,VARCHAR#1,VARCHAR2#1,NCHAR#1,
NVARCHAR#1,NVARCHAR2#1,BINARY,VARBINARY,IMAGE,
LOB,LONG,BLOB,CLOB,NCLOB,BFILE,RAW,ENUM,BFILE

DefaultStreams

Integer [1, ∞)

Default number of streams for a profiling job.

1

DefaultMaxMemory

Integer [1024, ∞)

Default maximum memory for profiling jobs (in megabytes).

1024

DefaultMinMemory

Integer [1024, ∞)

Default minimum memory for profiling jobs (in megabytes).

1024

OptimizationLevel

Integer [0, 9)

Optimization level for the profiling job which is defined as below,
0: No optimizations are performed.
1: JavaScript runs in interpreted mode.
9: Performs the most optimization with faster script execution, but compiles slower. 1-9: All optimizations are performed.

-1

DefaultMultiphiAlgorithm

String

Default Multiple PHI masking algorithm which will be used when the Multiple Profiler Expression will be true for profile job. This value is used by both the legacy and ASDD profilers.

NullValueLookup

ASDD

DefaultMaximumColumnSize

Integer [1, 65536]

The maximum length of the column value to profile. Any value beyond that is truncated to this length for ASDD profiling and the remaining part is ignored.

1024

DefaultTableSampleRows

Integer [1, ∞)

The number of database rows for the ASDD profiler to sample for each table.

1000

DefaultAssignmentThreshold

Integer [1, 100]

The confidence threshold that must be met or exceeded for the ASDD profiler to make a domain and algorithm assignment. Assignment threshold can otherwise be set on a profile set level; see Configuring profile sets.

1

DefaultJobExecutionStreams

Integer [1, ∞)

The number of streams to use by default for new ASDD profiler jobs

1

DefaultNullFilterThreshold

Integer [0, 100]

The percentage of column values that must be null or empty to trigger an additional query to retrieve more column values.

75

job

JobLoggingLevel

String {Basic, Detailed}

Controls the amount of information being logged from a job's output. Warning: the Detailed setting may log sensitive information when errors occur. Although this information can be very valuable when debugging a problem, it should be used with care.

Basic

csp

CspFrameAncestorsDomain

String

Defines valid sources for embedding the resource using "frame", "iframe", "object", "embed", or "applet". To whitelist domains for frame-ancestors, add space-separated URLs in the CspFrameAncestorsDomain.

csp

CspFormActionDomain

String

Defines valid sources that can be used as an HTML "form" action. To whitelist domains for form-action, add space-separated URLs in the CspFormActionDomain.

csp

CspScriptSrcDomain

String

Defines valid sources of JavaScript. To whitelist domains for script-src, add space-separated URLs in the CspScriptSrcDomain.

csp

StrictCspEnabled

Boolean

CSP setting should be enable via application setting based flag. This will provide more control to customer over CSP policy.

False