Table of Contents

Search

  1. Preface
  2. Introduction to Dynamic Data Masking
  3. Rules
  4. Connection Rules
  5. Security Rules
  6. Security Rule Set Simulator
  7. Masking Functions
  8. Glossary

SQL Syntax Matcher

SQL Syntax Matcher

The SQL Syntax matcher compares the incoming SELECT statement to the SQL statement that you define within the matcher.
For a match to occur, the objects and predicates must be in the same order as the statement that you define in the rule. The objects and predicates that you define must ignore spaces, line breaks, and capitalization.
If you define an SQL statement that includes predicates that use literals, enter the literal value in the statement text. For SQL statements that include predicates that use bind variables, enter
Column name<operator>:[any string]
in the statement text. For example, if you enter
emp_number =:emp
, you replace statements that use any variation of emp_number.
The SQL Syntax matcher only matches SELECT statements. It does not match other data manipulation language commands such as INSERT, UPDATE, or DELETE.
The SQL Syntax matcher ignores the alias of a table name.
The following table describes options for the SQL syntax matcher:
Option
Description
Allow bind variables to match any value in the statement
Enables the Rule Engine to match bind variables in the request statement. If you select the bind variable option, the Rule Engine matches any bind variable or literal. Bind variables can match functions, including
sysdate
or
to_date()
.
For example, if the matching statement is
select * from cars where year=:year_no
, the Rule Engine matches all statements that use
select * from cars
. If you do not select the bind option, the Rule Engine matches request statements that exactly match
select * from cars where year=year_no
.
Allow any select list in the statement
Enables the Rule Engine to match request statements by using the defined statement, regardless of the contents of the select list.