Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Data Archive 6.5
  • All Products

Table of Contents

Search

  1. About the Data Vault Administrator Guide
  2. Introduction to the Data Vault
  3. Data Vault Service Startup and Shutdown
  4. Data Vault Configuration
  5. Data Vault SSL Setup
  6. Data Vault ODBC Setup
  7. Data Vault Administration
  8. Data Repartitioning
  9. Partial Data Vault Copy
  10. Archived Data Migration
  11. Bulk File Uploader
  12. Data Vault Administration Tool
  13. Data Vault Logs
  14. User Account Privileges
  15. ssasql Command Line Program
  16. Data Vault Audit Log
  17. Sample Configuration Files

Data Vault Administrator Guide

Data Vault Administrator Guide

Back Next

Dynamic Data Masking Rules

Dynamic Data Masking Rules

When you configure the audit log, you create both connection rules and security rules in the Management Console.
A connection rule defines the connection criteria that the Dynamic Data Masking Rule Engine uses to identify a connection and the target database. Connection rules use a matcher and a rule action to identify and route a connection. The matcher defines the criteria that the Rule Engine uses to identify a match. The rule action determines how the Rule Engine processes the matched connection.
A security rule defines the criteria that the Rule Engine uses to parse and rewrite an SQL request. Security rules consist of a matcher, a rule action, and a processing action. The Rule Engine applies security rules to incoming SQL statements to identify a match to the criteria that you define. If a match occurs, the Rule Engine applies the security action to the SQL statement.
For more information about Dynamic Data Masking rules, see the
Informatica Dynamic Data Masking User Guide.
Create the following connection and security rules to identify, route, and rewrite incoming SQL requests to the Data Vault:
Connection rule folder
Connection rule that routes all incoming connections to the rules in the folder. The folder contains the switch to database and use rule set rules.
Switch to database rule
Connection rule that routes incoming connections to the Data Vault database.
Use rule set rule
Connection rule that sends incoming Data Vault SQL requests to the security rule set that contains the log and rewrite rules.
Log rule
Security rule that logs whenever an incoming SQL request is sent to the security rule set. The Rule Engine writes this information to the
rule.log
 file.
Rewrite rule
Security rule that identifies the columns that you want to trigger the audit. If these columns are included in an SQL request sent to the Data Vault, the rewrite rule also rewrites the SQL statement to append an audit tag.
0 COMMENTS
We’d like to hear from you!