ref(pii): Better explanation of selectors #1562
Conversation
Also remove some useless value types that I might want to remove
Context: [Selectors for Advanced Data Scrubbing](https://docs.sentry.io/data-management/advanced-datascrubbing/#selectors) See also diff of this section in getsentry/sentry-docs#1562 for what spawned this idea... This is more in line with what discover offers as column names: * `$http.url` instead of `$request.url`, as `http.url` can be queried in discover * `$error.value` instead of `$exception.value`, as `error.value` can be queried in discover * `$message` as alias to `$logentry.formatted` I liked some of the old values better but consistency trumps. Eventually we might want to consider removing some value types too (`logentry` seems pretty useless to me), but I am fairly confident we can do that at later points in time.
| You can select a region of the event using JSON-path-like syntax. As an example, to delete a specific key in "Additional Data", you would configure: | ||
| Selectors allow you to restrict rules to certain parts of the event. This is useful to unconditionally remove certain data by variable/field name from the event, but can also be used to conservatively test rules on real data. | ||
|
|
||
| Data scrubbing always works on the raw event payload. Keep in mind that some fields in the UI may be called differently in the JSON schema. When looking at an event there should always be a link called "JSON" present that allows you to see what the data scrubber sees. |
There was a problem hiding this comment.
This is great. Thanks for pointing it out clearly. The example below is also very good.
| For example, what is called "Additional Data" in the UI is called `extra` in the event payload. To remove a specific key called `foo`, you would write: | ||
|
|
||
| ``` | ||
| [Remove] [Anything] from [extra.foo] |
There was a problem hiding this comment.
My curiosity, does this apply equally to error/exception events, message events and transaction/spans events?
There was a problem hiding this comment.
Removing timestamps from spans would be catastrophic :)
There was a problem hiding this comment.
We have some safety rails for this. Ideally they are so unobstrusive that we will never need to document them, but let's see :D
src/collections/_documentation/data-management/advanced-datascrubbing.md
Outdated
Show resolved
Hide resolved
src/collections/_documentation/data-management/advanced-datascrubbing.md
Show resolved
Hide resolved
src/collections/_documentation/data-management/advanced-datascrubbing.md
Outdated
Show resolved
Hide resolved
src/collections/_documentation/data-management/advanced-datascrubbing.md
Show resolved
Hide resolved
src/collections/_documentation/data-management/advanced-datascrubbing.md
Outdated
Show resolved
Hide resolved
src/collections/_documentation/data-management/advanced-datascrubbing.md
Outdated
Show resolved
Hide resolved
| * `$logentry` (also applies to the `message` attribute) | ||
| * `$thread` matches a single thread instance in `{"threads": {"values": [...]}}` | ||
| * `$breadcrumb` matches a single breadcrumb in `{"breadcrumbs": [...]}` | ||
| * `$span` matches a [trace span]({% link _documentation/performance/performance-glossary.md %}#span) |
There was a problem hiding this comment.
It's a pity that Jekyll doesn't support checking the reference within the target page, we indeed have to construct the link to #span the way it is here, and accept it may become broken without breaking the build (I admit, I don't even know if a bad {% link %} would break the build either...).
There was a problem hiding this comment.
check out bin/link-check, unfortunately it is extremely slow as it goes over HTML output and is still Ruby
There was a problem hiding this comment.
Interesting, thanks for sharing!
| @@ -117,7 +160,7 @@ Examples: | |||
| [Remove] [Anything] from [$frame.vars] | |||
| ``` | |||
|
|
|||
| ### Escaping Specal Characters | |||
| ### Escaping Special Characters | |||
There was a problem hiding this comment.
I hope you don't mind I took a chance to fix an old typo here :)
…rubbing.md Co-Authored-By: Rodolfo Carvalho <[email protected]>
…rubbing.md Co-Authored-By: Rodolfo Carvalho <[email protected]>
Co-Authored-By: Rodolfo Carvalho <[email protected]>
Also remove some useless value types that I might want to remove: booleans are never stripped, ever, and the event value type does not work at the moment.