Hiding Sensitive Information in Logs and on the User Interface
By default, data is logged and displayed in plain text. You can protect sensitive information by concealing some fields. A hash function is applied to the data in these fields. The hash value is logged and displayed in the UI.
Log data privacy
Fields whose data can be protected include:
- Block Reason — Explanation for why a web request was blocked
- Client IP (External) — Public IP address of your organization's network
- Client IP (Internal) — IP address of the endpoint
This value is provided by Client Proxy, IPsec, or GRE authentication, configured singly or together. Otherwise, the internal and external client IP addresses have the same value. - Last Rule — Name of the last rule applied before the information is logged
- Location — Any location name configured for the web policy
- URL Path — The part of the requested URL that follows the host name
- User Agent — Identity of the web browser passed in an HTTP user-agent header
- User Name — Name of the user making the web request or the IP address of the endpoint
- Process Name — Name of the process that generated the web request
Permissions
You need Administrator | Setup & Configuration permissions to access the SWG Setup UI and configure the privacy settings.