Appendix B. Options for the redaction configuration file

The configuration file /etc/insights-client/remove.conf controls how the Insights for Red Hat Enterprise Linux client redacts data.

Note

As of RHEL RHEL 6.10, 7.9, 8.3 and later, using remove.conf is deprecated and replaced by two YAML files.

The Insights client performs redaction on the archive file based on the information in remove.conf. Most redaction activity occurs before the archive file is generated and sent to the Red Hat Insights for Red Hat Enterprise Linux service.

B.1. Options for the Insights client redaction file

File name and location

The suggested name is /etc/insights-client/remove.conf for the redaction configuration file. You must have root permission in order to create this file. It is not created automatically as part of the Insights client deployment.

Note

The /etc/insights-client/insights-client.conf configuration file specifies the name and location of the redaction configuration file.

File template for remove.conf

The following is an example template for the remove.conf file:

[remove]
files=/etc/cluster/cluster.conf,/etc/hosts
commands=/bin/dmesg,/bin/hostname
patterns=password,username
keywords=super$ecret,ultra$ecret+
  • A single comma with no space separates each entered value.
  • Do not include the line for data you do not want redacted.
  • Regular expressions and wildcard matching (egrep) are not supported.
  • All entries are case-sensitive.

Table B.1. remove.conf configuration options

OptionDescription

[remove]

This must be the first line of the remove.conf file.

files=

The listed files are excluded from data collecting.

commands=

The output from commands listed here is excluded from data collecting. The command names must exactly match the command names in the collection rules.

patterns=

Any line in the archive file that matches all or part of a pattern is deleted.

keywords=

The keyword is replaced with an actual value of keyword and a number.

For example, if you define two keywords, keywords=host,domain, each instance of host is replaced with the string keyword0 and each instance of domain is replaced with keyword1. Each additional keyword you define is replaced with an incremental keywordn.