DataWorks:View and manually correct sensitive data detection results

Prerequisites

1. You have created a data detection rule and enabled a detection task. For more information, see Configure a data detection rule and run a detection task.

Background information

DataWorks lets you define data detection rules based on the sensitivity level and category of your data. By running sensitive data detection tasks, you can detect sensitive data within your organization and obtain the detection results. For data with inaccurate detection results, you can manually correct the detection results. The Sensitive Data Overview module displays the distribution of all sensitive fields that were recently hit by data detection rules, broken down by project.

Go to the sensitive data detection results page

1. Log on to the DataWorks console. Switch to the destination region. In the navigation pane on the left, choose Data Governance > Security Center. On the page that appears, click Go to Security Center.

2. In the navigation pane on the left, choose Data Usage Security > Sensitive Data Management. Click Try Now to go to Data Security Guard.

   Note

   • If your Alibaba Cloud account has the required permissions, you are directed to the home page of Data Security Guard.

   • If your Alibaba Cloud account has not been granted the required permissions, you are directed to the authorization page of Data Security Guard. Go to Data Usage Security > Sensitive Data Management. In the dialog box that appears, you must select Data Security Guard and grant permissions before you can use its features.

3. In the navigation pane on the left, choose Rule Configuration > Sensitive Data Detection. In the upper-left corner of the page, click the Detection Results tab to go to the Detection Results page.

View detection results

On the Detection Results page, you can switch between fields with detection results, fields with no detection results, and undetected fields. The page displays information such as the detection status, the number of fields, the number of tables, and the details of the detection results. The following figure shows an example of the detection results page for Fields with detection results.

Manually correct detection results

Go to the manual correction page

1. Go to the data detection rules page. For more information, see Go to the data detection rules page.

2. Click the Detection Results tab to go to the detection results page.

3. Manually correct inaccurate detection results.

   Operation	Description
   Filter by engine type	In area ① of the preceding figure, select a data engine from the drop-down list. Note You can correct sensitive data detection results for the ODPS, EMR, CDH_HIVE, and HOLO engines.
   Filter	In area ② of the preceding figure, filter the detection results that you want to query. You can filter by criteria such as Project, Table Name, and Field Name. You can also click Show More to see more filter criteria and further filter by Classification, Level, and Sensitive Field Type. Classification: The classification information in the default classification and categorization template for the current tenant. For more information, see Configure sensitive data classification and categorization. Level: The level information in the default classification and categorization template for the current tenant.
   Correct a single data entry	Area ③ of the preceding figure displays the list of detection results. You can click Display Settings and select the fields that you want to view to refresh the list details. By default, the list displays Project, Table Name, Field Name, Classification, Level, Sensitive Field Type, Manually Corrected, and Last Updated. You can also click Lineage Analysis in the Actions column to go to the Data Lineage (Public Preview) module and view field-level data lineage relationships. For a field whose Sensitive Field Type is incorrect, click the drop-down list in the Sensitive Field Type column. The list displays the Published sensitive field types from the default classification and categorization template of the current tenant. Check if an existing sensitive field type meets your needs: If it meets your needs: Select another existing sensitive field type. Click the icon to go to the Data Detection Rules page. Modify the detection rule for the original sensitive field type and the rule for the new sensitive field type to ensure future detection accuracy. If it does not meet your needs: Click the icon to go to the Data Detection Rules page. Alternatively, scroll to the bottom of the drop-down list and click Manage Sensitive Field Types. You are redirected to the Data Detection Rules page, and the Create Sensitive Field Type dialog box appears. Add a new sensitive field type and configure its detection rule. For more information, see Configure a data detection rule and run a detection task.
   Correct data in batches	Select the fields that you want to correct in a batch. In area ④ of the preceding figure, click Batch Correction. In the Batch Correct Detection Results dialog box that appears, the Sensitive Field Type drop-down list displays the Published sensitive field types from the default classification and categorization template of the current tenant. Select the correct sensitive field type and click Save to complete the batch correction.

Export detection results