Use file system or drive-level encryption for your session data if you need to protect them.
Additionally, you can hide strings in PurePaths that should be kept confidential when the data is captured.
Encryption options on OSes
OSes are different in what they offer regarding file-system-level encryption of your session data. As session data are quite large with high write rates it may be worthwhile to consider native encryption at the drive level (hardware permitting).
Windows (Ultimate, Enterprise, Server 2008 and up) BitLocker is an option. It needs a TPM though.
TrueCrypt was declared insecure by the developers themselves.
dm-crypt subsystem is an option on Linux.
It's assumed that you have a partition available which can be completely erased. This example uses
/dev/sdb1 as the identifier.
Make sure you have
dm-crypt available in your kernel, then install
sudo apt-get install cryptsetup
Prepare your partition encryption:
sudo cryptsetup create -y dtsession /dev/sdb1
By confirming your passphrase twice you've completed setting up the partition-encryption. The next step is to create a file system. This example uses ext4, but others should do as well:
sudo mkfs.ext4 /dev/mapper/dtsession
This takes a while, depending on how much space is available on the drive. Now the mountpoint has to be created and the partition has to be mounted:
sudo mkdir /mnt/dtsession sudo mount /dev/mapper/dtsession /mnt/dtsession sudo chown -R USER:<UserAccountDynatraceServerIsRunningUnder> /mnt/dtsession
Finally the AppMon Server must be configured to use the newly created session storage. In the AppMon Client, select Settings > Dynatrace Server > Storage vertical tab and put the path in the Stored Sessions Directory field (in this example:
/mnt/dtsession/sessions/stored). You must restart the AppMon Server to use the new storage location.
Encryption can be enabled when creating a new EBS volume. In the AppMon Client, select Settings > Dynatrace Server > Storage vertical tab and put the EBS path in the Stored Sessions Directory field.