Handling confidential strings

AppMon handles confidential string data captured by Agents or Sensors to restrict view of the sensitive data. To read confidential data, your user account must have the ReadConfidentialStrings permission. See Permissions Mapping and User Permissions and Authentication > Roles for more information about permissions.

The list of defined confidential data includes:

  • String arguments passed to methods.
  • String return values.
  • Exception messages.
  • Message content transported over middleware, such as JMS.
  • URI, query string, headers, parameters, request attributes, and Servlet call session attributes of.
  • URI, query string, headers, parameters, cookies, session attributes, and ASP.NET call server variables.
  • SQL and SQL database call bind parameters.
  • Incident messages and descriptions triggered by the AppMon Server.

For example, the JDBC sensor captures argument values passed to methods or SQL statements.

To define confidential string types when you export a client session, select Settings > Dynatrace Server > Settings, and click the Confidential Strings tab. In the Active column, check strings which should be kept confidential.

You can use two approaches to confidential strings: