Sensitive Data Filtering

Data filtering can help to protect sensitive user data and don't send it to Hawk. Filtering works on catcher and backend sides.

Filtering on a catcher side

If you want to filter some sensitive data, you can use beforeSend hook in a catcher config:

1. Add a beforeSend hook. This hook accepts the event object and can be used to remove any fields.

Usage:

const hawk = new HawkCatcher({ token: 'INTEGRATION_TOKEN', beforeSend(event) { // Modify the event here if (event.user) { // Don't send user's email address delete event.user.email; } return event; }, });

Filtering on a backend side

We're filtering sensitive data on our backend side by the next rules:

  1. Values that contain bank card numbers. We're checking fields by RegExp.
  2. Values that themselves contain, or whose key names contain, any of the following strings: "password""secret", "passwd", "api_key""apikey""access_token""auth""credentials""mysql_pwd""stripetoken""card", "cardnumber".