Chapter 12. Options for Insights client YAML redaction configuration files

Note

As of RHEL RHEL 6.10, 7.9, 8.3 and later, Insights client uses YAML files to configure redaction. In earlier releases a remove.conf file controls redaction. See Chapter 11, Options for Insights client remove.conf redaction configuration file for remove.conf reference information.

Table 12.1. File redaction example for file-redaction.yaml

ContentDescription
# file-redaction.yaml
---

An optional comment containing the file name.

# Exclude the entire output of commands
#   Specify the full command path or the symbolic name in .cache.json

 commands:
- /bin/rpm -qa
- /bin/ls
- ethtool_i

The entire output from /bin/rpm -qa and bin/ls are excluded from the archive file.

In the .cache.json file, the full command /sbin/ethtool -i is mapped to the symbolic name ethtool_i.

# Exclude the entire output of files
#  Specify the full filename path or the symbolic name in .cache.json

files:
- /etc/audit/auditd.conf
- cluster_conf

For the specified files, the file name and the file content are excluded from the archive file.

In the .cache.json file, the full file path /etc/cluster/cluster.conf is mapped to the symbolic name cluster_conf.

Table 12.2. Content redaction example for file-content-redaction.yaml

ContentDescription
# file-content-redaction.yaml
---

An optional comment containing the file name.

# Pattern redaction per matching line
#  Lines that match a pattern are excluded from files and command output.
#  Patterns are processed in the order that they are listed.
# Example

patterns:
 - "a_string_1"
 - "a_string_2"

When the patterns match exactly any lines that contain a_string_1 or a_string_2 are excluded from files and command output. Enclose the pattern string in quotes.

#
# Regular expression pattern redaction per line
#  Patterns with regular expressions (regex) are wrapped with "regex:"
# Example

patterns:
 regex:
 - "abc.*def"
 - "localhost[[:digit:]]"
 #

Regular expressions are wrapped with regex. You can use any regular expression (regex) recognized by the egrep command. Enclose the regex in quotes.

# Lines matching these regular expressions are excluded
# from output.
patterns:
  regex:
  - "*\.conf"
  - "^include"

The egrep expressions are enclosed in quotes to make sure the regex characters are properly recognized.

In this example, lines are redacted from the archive file if any string contains .conf or if any line begins with include.

# Replace keywords in files and command output with generic identifiers by the Python soscleaner module
keywords:
- "1.1.1.1"
- "My Name"
- "a_name"

The strings in the keywords: array are replaced with the actual value keyword and a number.

For example, each instance of the string 1.1.1.1 is replaced with keyword0. All instances of the string My Name are replaced with keyword1. The a_name is replaced with keyword3 Each additional keyword you define is replaced with an incremental keywordn The value of the substituted keywordn is determined by a Python SoS process and cannot be changed.

The strings that you define in the keywords: array are case sensitive.