Components
- Categories: What kind of sensitive data we are looking for
- Endpoints: Where to look for that sensitive data
- Match Rules: Our common format for specifying how to parse, match, and exclude text.
- Service Identification: How we determine what a service is called
- SBAC: Hard blocking rules (i.e. A credit card number is never dispatched to the outside internet)
- Rules: Distributed alerts and ratelimits (i.e. Non-admin users cannot see more than 10 distinct credit cards in an hour)
- Body Collection: When to upload entire request/response/stream bodies
- Header Collection: What headers to upload for telemetry
- Report Style: Configures what form is match information sent upstream
- Parsers: Interpreting Layer 4 and Layer 7 structure.
- Environment Collection: Interpreting Layer 4 and Layer 7 structure.
Misc Fields
path_groups: A list of PathGlobs that are used for additional path aggregation.