ADD_SCOL_DISCOVER_RULE¶
Add a discover rule for sensitive columns.
Columns that satisfy all include patterns and that do not satisfy an exclude pattern are automatically flagged as sensitive columns. Include patterns have to be added while exclude patterns and the rule comment are optional.
Parameter Name |
Required |
DefaultValue |
Description |
|---|---|---|---|
p_schema_incl_pattern |
yes |
.* |
schema include pattern |
p_schema_excl_pattern |
no |
schema exclude pattern |
|
p_object_incl_pattern |
yes |
.* |
object include pattern |
p_object_excl_pattern |
no |
object exclude pattern |
|
p_column_incl_pattern |
yes |
.* |
column include pattern |
p_column_excl_pattern |
no |
column exclude pattern |
|
p_comment_incl_pattern |
yes |
.* |
comment include pattern |
p_comment_excl_pattern |
no |
comment exclude pattern |
|
p_rule_comment |
no |
rule comment |
Example
Add a rule that discovers sensitive columns in schemas starting with ‘SCOTT’ except objects starting with ‘E’, columns starting with ‘D’ or columns having a comment containing the string ‘@@NOT SEC RELEVANT@@’. The comment ‘Test rule for discovering sensitive columns.’ is added to the sensitive column definition:
EXECUTE SCRIPT api_scurty.add_scol_discover_rule
( 'SCOTT.*' -- p_schema_incl_pattern
, NULL -- p_schema_excl_pattern
, '.*' -- p_object_incl_pattern
, 'E.*' -- p_object_excl_pattern
, '.*' -- p_column_incl_pattern
, 'D.*' -- p_column_excl_pattern
, '.*' -- p_comment_incl_pattern
, '.*@@NOT SEC RELEVANT@@.*' -- p_comment_excl_pattern
, 'Test rule for discovering sensitive columns.' -- p_rule_comment
);