Route data to multiple destinations
Enrich data events with business or service context
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake
Reduce the size of data
Shape data to optimize its value
Store data in S3 buckets or Cribl Lake
Replay data from low-cost storage
Collect logs and metrics from host devices
Centrally receive and route telemetry to all your tools
Redact or mask sensitive data
Optimize data for better threat detection and response
Streamline infrastructure to reduce complexity and cost
Simplify Kubernetes data collection
Optimize logs for value
Control how telemetry is stored
Easily handle new cloud telemetry
Ensure freedom in your tech stack
Accelerate the value of AIOps
Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn moreGet telemetry data from anywhere to anywhere
Get started quickly without managing infrastructure
Streamline collection with a scalable, vendor-neutral agent
AI-powered tools designed to maximize productivity
Easily access and explore telemetry from anywhere, anytime
Instrument, collect, observe
Store, access, and replay telemetry
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.
Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer storiesFREE training and certs for data pros
Log in or sign up to start learning
Step-by-step guidance and best practices
Tutorials for Sandboxes & Cribl.Cloud
Ask questions and share user experiences
Troubleshooting tips, and Q&A archive
The latest software features and updates
Get older versions of Cribl software
For registered licensed customers
Advice throughout your Cribl journey
Connect with Cribl partners to transform your data and drive real results.
Join the Cribl Partner Program for resources to boost success.
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.
Our Criblpedia glossary pages provide explanations to technical and industry-specific terms, offering valuable high-level introduction to these concepts.
Data redaction is the process of masking or hiding sensitive information within data fields to protect it from unauthorized access. When redacting data, such as a social security number, you usually define specific fields or patterns to be redacted and establish a standard or customized replacement.
A good example would be the previously mentioned SSN. You could search for the common SSN format (xxx-xx-xxxx) or look for a field titled SSN (or similar). However, it gets a little more difficult if it is just represented by a series of numbers, such as 1234567о89. In such scenarios, additional information might be required as this number string could be almost anything.
Data redaction and data obfuscation both aim to protect sensitive information, but they are used in slightly different contexts and have different methods.
Data redaction involves permanently removing or concealing sensitive information within a dataset to prevent unauthorized access. This is often used to comply with privacy laws or regulations. In data redaction, parts of the data are generally removed or replaced with a placeholder such as “REDACTED”.
Data obfuscation, on the other hand, involves deliberately introducing a level of complexity into the data to make it hard to understand without necessarily removing any part of it. This technique often modifies the representation of data. It masks it in a way that makes it incomprehensible to unauthorized users, while still retaining its original structure.
What are the key differences?
Data that typically need to be redacted includes any sensitive or personally identifiable information (PII) that can compromise privacy or security if exposed. This includes but is not limited to:
To protect sensitive information, various data redaction techniques can be employed. These techniques achieve anonymization by obscuring or transforming critical data elements within a dataset.
The choice of redaction method depends on the type of data being processed. There are 2 main types, static and dynamic redaction. Let’s break them down.
Static redaction
Static redaction is a predefined, fixed process where specific data fields or patterns are consistently redacted based on set rules. This method is useful when you have predictable, unchanging data that needs redacting. Such examples are specific keywords, phrases, or identifiable patterns (e.g., credit card numbers or social security numbers).
Dynamic Redaction
Dynamic Redaction involves evaluating data on the fly using more complex logic or scripts. Often adapts to varying inputs and requires real-time assessment. This method is beneficial for scenarios where redaction rules need to adapt based on the content or context of the data streaming through the system. For example, redacting variable-length sensitive information or data dependent on certain conditions.
Redacting data involves removing sensitive information to protect individuals’ privacy, maintain compliance with regulations, and prevent misuse of the data. Redaction processes are commonly customized to ensure that sensitive, verbose, or undesired data within datasets are not exposed unnecessarily. This is crucial for maintaining security, privacy, and compliance with internal policies or legal requirements,including:
Contrary to popular belief there is no one way to redact data. It’s usually based on use cases and the type of data encountered. However, redaction best practices can help ensure the effectiveness and security of the redaction process. Here are some best practices highlighted in the context of Cribl products:
Identify Sensitive Information
Clearly define what constitutes sensitive data (e.g., PII, PHI, PCI) in your organization to ensure you are protecting the right information.
Use Standard Redaction Patterns
Consistently apply a standard redaction pattern. For example, Cribl Edge uses a pattern that echoes the first and last two characters of a value while replacing intermediate characters with ellipses (??…??).
Customize as Needed
Utilize the custom redact string feature to override default patterns if necessary. This will ensure that the redaction meets your specific requirements.
Leverage Detection Engines
Integrate tools like Nightfall’s Data Loss Prevention (DLP) engine to automatically detect and redact sensitive information using machine learning.
Test Thoroughly
Ensure that redaction settings are thoroughly tested to avoid accidental exposure of sensitive data.
Regulatory Compliance
Ensure your redaction practices comply with relevant data protection compliance frameworks like GDPR, HIPAA, etc.
Documentation and Training
Document your redaction policies and ensure that all relevant personnel are trained on these practices.
By applying these best practices, you can effectively secure sensitive data and maintain compliance with data protection regulations.
Cribl offers robust capabilities for data redaction. In Cribl Stream, you can redact sensitive information from your data using Pipeline Functions.
For example, you might use the following Pipeline Functions designed for redacting:
By following this configuration, Cribl products can help systematically redact sensitive data, ensuring your logs and data streams are secure and compliant with your data protection policies.
Data redaction is important because it protects sensitive information from unauthorized access. By redacting it, organizations avoid exposing individuals to identity theft or fraud. Data redaction also helps businesses comply with regulations that protect personal information.
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?