Managing Privacy Data Protection Rules

You can view, enable, edit, disable, or delete data masking rules.

You have purchased a database audit instance and the Status is Running.

Log in to the management console.
Select a region, click , and choose Security & Compliance > Database Security Service. The Dashboard page is displayed.
In the navigation tree, choose Rules.
In the Instance drop-down list, select an instance to view its privacy data protection rule.
Click the Privacy Data Protection tab.

Only user-defined rules can be edited and deleted. Default rules can only be enabled and disabled.

View the rules. For details about related parameters, see Table 1.

Store Result Set
You are advised to disable . After this function is disabled, database audit will not store the result sets of user SQL statements.

Do not enable this function if you want to prepare for PCI DSS/PCI 3DS CSS certification.

Note: The result set storage supports only the database audit in agent mode.
Mask Privacy Data
You are advised to enable . After this function is enabled, you can configure masking rules to prevent privacy data leakage.

**Table 1** Masking rule parameters
Parameter	Description
Rule Name	Rule name
Rule Type	Rule type. Default User-defined
Regular Expression	Regular expression that specifies the sensitive data pattern
Substitution Value	Value used to replace sensitive data specified by the regular expression
Status	Status of a rule. Its value can be: Enabled Disabled

You can perform the following operations on a rule:

Disable
Locate the row that contains the rule to be disabled and click Disable in the Operation column. A disabled rule cannot be used.
Edit
Locate the row that contains the rule to be modified, click Edit in the Operation column, and modify the rule in the displayed dialog box.
Delete
Locate the row that contains the rule to be deleted, click Delete in the Operation column, and click OK in the displayed dialog box.