Preventing PII from Appearing in Splunk or Riva Activity Logs

Article ID: 1888
Last updated: 22 Apr, 2019

By default, Personally identifiable information (PII) may appear in Splunk logs and Riva logs.

In Riva 2.4.54 or higher, the sync policy can be configured to prevent PII from appearing in Splunk or Riva activity logs. There are two ways to achieve that goal.

  • Convert the PII to a hash and output the hash to the Splunk or Riva activity logs.
    Example:
    Matched SystemUser: 7b2d22c6b3e55617cb55d81a0295c5dd09b4d3d2ae49279acebf3d3d03ea1f3a
    Note: Riva system logs are unaffected. They may contain PII.
    To configure Riva to output a hash instead of PII, see Hashing the PII.

    or
     
  • Replace the PII in the Splunk and Riva activity logs with this placeholder:
    {Message cleared by PII requirements}
    Note: Riva system logs are unaffected. They may contain PII.
    To configure Riva to output a placeholder instead of PII, see Replacing the PII with a placeholder.

Hashing the PII

To hash the PII and log the hash in Splunk or Riva activity logs:

  1. Configure the following advanced options for the sync policy:
    • Sync.Crm.ActivityLogPrivacyCheck.Enabled = true
    • Sync.Crm.ActivityLogPrivacyCheck.ConnectionStringName = activityPII
       
  2. In the Riva\Omni.Riva.CrmAgentEx.exe.config file, inside the <connectionStrings> tag, in the activityPII connection string, ensure that UseFormattedMessage is set to True.

  3. Save the policy.

    Result: From now on, the PII will be hashed and only the hash will be logged in Splunk or Riva activity logs.

Replacing the PII with a Placeholder

To replace the PII with a placeholder in Splunk or Riva activity logs:

  1. Configure the following advanced options for the sync policy:
    • Sync.Crm.ActivityLogPrivacyCheck.Enabled = true
    • Sync.Crm.ActivityLogPrivacyCheck.ConnectionStringName = activityPII
       
  2. In the Riva\Omni.Riva.CrmAgentEx.exe.config file, inside the <connectionStrings> tag, in the activityPII connection string, ensure that UseFormattedMessage is set to False.

  3. Save the policy.

    Result: From now on, the PII will be replaced with "{Message cleared by PII requirements}" in the Splunk or Riva activity logs.



Article ID: 1888
Last updated: 22 Apr, 2019
Revision: 8
Views: 667
Prev     Next
Do Not Run Riva CRM Integration Twice Against the Same User       Performance Tuning


Back to Top