Sensitive Data Discovery and Protection (SDDP) allows you to query all the sensitive data that has been detected in your data assets. You can specify one or more types of sensitive data to query and view the distribution of the queried sensitive data across your data assets. This topic describes how to query sensitive data.
- Log on to the SDDP console.
- In the left-side navigation pane, choose .
- On the Sensitive Data Search page, set filters as required.SDDP supports the following filters:
Note If you set multiple filters, SDDP searches for and displays the sensitive data that meets all the specified filters.
- Hit Data: the type of sensitive data. You can select multiple types at a time, for example, email address and mobile number.
- Enter file name to search/Enter table name to search: the name of the object or table with sensitive data detected. Fuzzy match is supported.
- Region: the region where the data asset resides.
- Bucket/Instance/Project: the name of the bucket, database, instance, or project with sensitive data detected.
- Time range: the beginning and end of the time range to query.
- Click Search.
- Query sensitive data by risk level
On the OSS-file tab, you can set the Sensitivity Level parameter to query sensitive data at the specified risk level in your OSS buckets.
- Sort sensitive data based on the total number of rows or sensitive fields in ascending
or descending orderOn a specific tab such as the RDS-table tab, you can click next to Total Number of Rows or Sensitive Column to sort sensitive data based on the total number of rows or sensitive fields in ascending or descending order. The data is sorted in descending order after you click the icon for the first time, and will be sorted in ascending order the next time you click the icon.
What to do next
- Column Name: the name of the sensitive field detected in the table.
Note This parameter is available only in the Column Details pane for a table in a Relational Database Service (RDS) database, Tablestore instance, user-created database hosted on an Elastic Compute Service (ECS) instance, PolarDB-X database, or PolarDB database. The Hit Query pane for an OSS bucket does not display this parameter.
- Hit Rules: the type and name of the sensitive data detection rule that is hit.
- Sensitivity level: the risk level of the detected sensitive data.
- Number of Hits: the number of times that the sensitive data detection rule is hit in the OSS bucket.
Note This parameter is available only in the Hit Query pane for an OSS bucket.
- Data Sampling: the samples collected from the data asset. You can specify the number of samples to be collected by setting the Sensitive Data Sampling parameter on the Cloud Hosting page. You can set this parameter to 0, 5, or 10. Then, SDDP displays the collected samples based on the configuration.