Sensitive Data Filtering
Data filtering can help to protect sensitive user data and don't send it to Hawk. Filtering works on catcher and backend sides.
If you want to filter some sensitive data, you can use beforeSend hook in a catcher config:
1. Add a beforeSend hook. This hook accepts the event object and can be used to remove any fields.
Usage:
const hawk = new HawkCatcher({
token: 'INTEGRATION_TOKEN',
beforeSend(event) {
// Modify the event here
if (event.user) {
// Don't send user's email address
delete event.user.email;
}
return event;
},
});
We're filtering sensitive data on our backend side by the next rules:
- Values that contain bank card numbers. We're checking fields by RegExp.
-
Values that themselves contain, or whose key names contain, any of the following strings:
"password","secret","passwd","api_key","apikey","access_token","auth","credentials","mysql_pwd","stripetoken","card","cardnumber".