Selective Protection of Sensitive Data in Logs

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Gplus Adapter for Siebel CRM Deployment Guide for version 8.5 of Gplus Adapter for Siebel CRM.

Selective protection of sensitive data is improved with the ability to hide DTMF-related information (for example, digits) in Logs, via Communication Server options.

Setting the Genesys Configuration Options for the Communication Server

This section falls under Chapter 3, Deploying the Communication Server for Siebel CRM > Setting the Genesys Configuration Options for the Communication Server > Configuring Genesys on page 57 of the Gplus Adapter for Siebel CRM 8.0 Deployment Guide PDF.

To prevent the display of private parameters included in UserData, Extensions, Reasons, and others in the Adapter’s log, you configure options in the Options section of the Gplus Communication Server Application object in Configuration Manager.

  1. Configure two options in the log-filter section:
    • default-filter-type: This option supports valid values like copy, hide, skip, and others, that specify the default method for presenting KVList information (including UserData, Extensions, and Reasons) in the log.
    • hide-tlib-sensitive-data: This option supports valid values of true and false, that specify whether DTMF-related data is hidden in the log.
    For example, the log-filter section might look like the following:
    log-filter section in Configuration Manager
  2. Use the log-filter-data section to define a list of key-value pairs that specify how each individual KVList pair is presented in the log. The key is option name. For the value, specify copy, hide, or skip.
    For example, the log-filter-data section might look like the following:
log-filter-data section in Configuration Manager
For more information, see the log-filter and log-filter-data sections in Common Security Options of the Framework Configuration Options Reference Manual.

Configuring the GenCommDrv.ini file (optional)

This ability is supported by a new property, LogFilterHideTLibSensitiveData.

Table 5, on page 64 of the PDF
Property name Values Description
General section
LogFilterHideTLibSensitiveData Default Value: false

Valid Values: false, true

(Optional) Enables or disables filtering of DTMF data in the log. It is an analog of the hide-tlib-sensitive-data option for Communication Server. Refer to Common Security Options of the Framework Configuration Options Reference Manual for details.

The Contents of the GenCommDrv.ini file

The following code snippet shows the contents of the GenCommDrv.ini file:

// ============================
// General
// ============================
SiebelAPI                  = 2
ProcessingThreadPoolSize   = 30
ClientConnectionsPerServer = 1
RequestTimeout             = 30000
OnReconnectDelay           = 4000

// ============================
// Log subsystem properties
// ============================

LogFile             = GenCommDrv
LogDir               = ./
LogExt               = log
MaxLogKB             = 10240
LogFilesCount        = 10
LogLevel             = 2

// ============================
// Log filtering properties
// ============================

//Enables or disables log filtering
//Values: true|false, default value - false
LogFiltering = false

//Defines the treatment for all KV pairs by default
//Values: copy|hide|skip|..., default value - copy, refer to Genesys documentation for more details
LogFilterType = copy

//The treatment for specific keys, overrides the default treatment specified by LogFilterType
//Values: <item_1>;<item_2>;...<item_N>, default value - empty string
//      where <item> = <key>:<value>
//          where <key>,<value> are any string excepting special symbols like ':', '\', ';'
// Example: LogFilterData = "key1:skip;key2:hide-first,3;key3:hide"
LogFilterData = ""

//the analog of [log-filter]::[hide-tlib-sensitive-data]
//see 'Common Security Options' in 'Genesys Framework 8.5. Configuration Options' 
LogFilterHideTLibSensitiveData = false

// ============================
// HTTP Client connection properties
// ============================
ServerReconnectDelay = 10000
ClientPortRangeStart = 0
ServerConnectTimeout = 0

// ============================
// Security properties of HTTP connection
// (used when https is configured in PrimaryGenCommServerURL/BackupGenCommServerURL URLs)
// ============================
Certificate          = ""
CertificateKey       = ""
TrustedCA            = ""
SecProtocol          = ""
CRL                  = ""
TlsTargetNameCheck   = "no"
Retrieved from " (2021-04-10 22:40:24)"