Step 2. Create a Rule Set or Rule Sets to Process the Result Set
Step 2. Create a Rule Set or Rule Sets to Process the Result Set
Create a security rule set to process the result set. Give the rule set the name that you provided in Step 1. as the "Ruleset Name for Resultset" parameter. Then create a rule to match the columns in the result set that you want to mask, using the Metadata matcher. For the rule action, select Content Masking. When you select the Content Masking action, provide the name of the third rule set that you will create in the next step, the XML masking rule set. Finally, you must create a rule within this second rule set to apply the masking function.
If you want to mask multiple columns in a result set that contain XML data, you can define individual rule sets for each column.
To create a security rule set, click on a domain node in the rule tree.
Click
Tree
Add Rule Set
.
The
Add Rule Set
window appears.
Enter the name of the security rule set that you gave as the
Ruleset Name for Resultset
property in the previous step. For example, "MaskEmpXMLRS."
Click
OK
.
Within this rule set, create a rule or rules to match the column name in the result set that you want to mask.
In the Management Console, click the security rule set that you created in the previous step.
Select
Tree
Security Rule Set
.
The
Rule Editor
appears.
Click
Action
Append Rule
.
The
Append Rule
window appears.
Enter a name for the rule, for example, "MaskEmpXML."
For the
Matching Method
, select
Metadata
.
For
Content Type
, select
Column Name
.
In the text box, enter the column name and select
String
as the identification method.
Alternatively, you can configure the wildcard or regular expression options as identification methods. Dynamic Data Masking cannot distinguish between a result set that is part of a stored procedure call and a result set that is part of other system calls. As a best practice, do not use multiple generic regular expressions to define the column metadata matcher.
For
Action Type
, select
Content Masking
.
For
Ruleset Name for Content Resultset
, provide a name for the third and final rule set that you will create in the next step, the XML masking rule set. For example, "MaskEmpXMLData."
For the
Processing Action
, select
Continue
.
Click
OK.
Select
File
Update Rules
to save the rule in the rule tree.
Optionally, you can create additional rules within this rule set on other columns in the same result set.
When you are finished creating the rules that match the result set columns, create a final rule to apply the masking. This rule is mandatory and must be the final rule in the rule set.
Select
Tree
Security Rule Set
.
The
Rule Editor
appears.
Click
Action
Append Rule
.
The
Append Rule
window appears.
Enter a name for the final rule, for example, "ApplyMasking."