Fortinet black logo

Masking User data based on configured time frame

Copy Link
Copy Doc ID 0cdde433-eac4-11e9-8977-00505692583a:677705
Download PDF

Masking User data based on configured time frame

Admins have the ability to configure a time frame for masked data in a user profile and apply the profile to users. The time frame can be configured from either the GUI or CLI and supports whole numbers between 0-365. Decimals are not supported.

  • If the user searches for data within a time range that is longer than the configured unmask time frame, then all the data will be masked.
  • Real time logs are always unmasked.
  • The unmask time frame can apply to log browse depending on the file time frame.
To configure the time frame in Privacy Masking:
  1. Go to System Settings > Admin > Profile, then create or edit a profile.
  2. Enable Privacy Masking.
    1. In the Masked Data Fields section, select the data to mask.
    2. In the Data Mask Key field, enter a password to unmask the data.
    3. In the Data Unmasked Time field, enter a whole number between 0-365.
  3. Go to System Settings > Admin > Profile, and apply the configured user profile to the target user.

    You must be an Admin to complete this step.

When a configured user logs in and searches a time range that is shorter than or equal to the unmasked data time frame (for example, 1 day), all the data is unmasked:

When a user searches a time range that is longer than the unmasked data time frame (for example, 2 days), all the data is masked.

A privacy mask icon appears next to the column name. To unmask the data, the user must enter the password.

The data in real time log view is always unmasked.

Masking User data based on configured time frame

Admins have the ability to configure a time frame for masked data in a user profile and apply the profile to users. The time frame can be configured from either the GUI or CLI and supports whole numbers between 0-365. Decimals are not supported.

  • If the user searches for data within a time range that is longer than the configured unmask time frame, then all the data will be masked.
  • Real time logs are always unmasked.
  • The unmask time frame can apply to log browse depending on the file time frame.
To configure the time frame in Privacy Masking:
  1. Go to System Settings > Admin > Profile, then create or edit a profile.
  2. Enable Privacy Masking.
    1. In the Masked Data Fields section, select the data to mask.
    2. In the Data Mask Key field, enter a password to unmask the data.
    3. In the Data Unmasked Time field, enter a whole number between 0-365.
  3. Go to System Settings > Admin > Profile, and apply the configured user profile to the target user.

    You must be an Admin to complete this step.

When a configured user logs in and searches a time range that is shorter than or equal to the unmasked data time frame (for example, 1 day), all the data is unmasked:

When a user searches a time range that is longer than the unmasked data time frame (for example, 2 days), all the data is masked.

A privacy mask icon appears next to the column name. To unmask the data, the user must enter the password.

The data in real time log view is always unmasked.