Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Mask the password fields in a text file by using smart sense

Solved Go to solution
Highlighted

Mask the password fields in a text file by using smart sense

Contributor

Hello Team,

I am using Ambari HDP 2.3 version. One of the host I installed Smart Sense, I need to do masking for some of the password fields. I have done masking for the fields which are present in XML files. But, I have passwords in text file as well. I am not aware how to mask those passwords also in text files. Please help me on this.

1) For the XML files masking is done by using below setup in Anonymization rule.

{ "name":"Delete_Yarn_Hbase_Hive_MR_Trust_Store_Password",

"path":"ssl-server.xml",

"property": "ssl.server.truststore.password",

"operation":"REPLACE",

"value":"Hidden" }

I am not aware to how to mask the password, in a text file. Awaiting for your reply.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Mask the password fields in a text file by using smart sense

Anonymization rules are covered in the SmartSense Admin Guide. You will need to use a regular expression-based rule to mask from a text file. Depending on what text file(s) may contain passwords, you can either specify the exact filename or use a regular expression here as well. It's best to define the path as specifically as possible to avoid accidentally masking values in unrelated files.

The string to mask/replace is identified by a regular expression. Here's a very simple example that will replace a line that contains the string "password:" in my-credentials.txt:

  {
    "name":"my_credentials",
    "path":"my-credentials.txt",
    "pattern": ".*password:.*",
    "value": "password: Hidden"
  },

View solution in original post

5 REPLIES 5
Highlighted

Re: Mask the password fields in a text file by using smart sense

Super Guru

@shyam gurram - Good question. I will try this and keep you updated.

Highlighted

Re: Mask the password fields in a text file by using smart sense

Contributor

Hi Kuldeep Kulkarni,

Awaiting for your comments.

Re: Mask the password fields in a text file by using smart sense

Anonymization rules are covered in the SmartSense Admin Guide. You will need to use a regular expression-based rule to mask from a text file. Depending on what text file(s) may contain passwords, you can either specify the exact filename or use a regular expression here as well. It's best to define the path as specifically as possible to avoid accidentally masking values in unrelated files.

The string to mask/replace is identified by a regular expression. Here's a very simple example that will replace a line that contains the string "password:" in my-credentials.txt:

  {
    "name":"my_credentials",
    "path":"my-credentials.txt",
    "pattern": ".*password:.*",
    "value": "password: Hidden"
  },

View solution in original post

Highlighted

Re: Mask the password fields in a text file by using smart sense

Contributor

You can also use sub-pattern to replace passwords in the text file.

{

"name": "replace_password",

"path": "my_secured_file.txt",

"pattern": "mypassword=([^ ]+) ",

"extract":"=([^ ]+)",

"value":"Hidden"

}

Highlighted

Re: Mask the password fields in a text file by using smart sense

Contributor

Hi Alex,

Thanks for the post, In a text file I have two properties. The script is working for one of the property, but as per the logic it should for the other property also.

env:KERBEROS_KADMINST_PASSWORD=t.w48oJj-

env:KERBEROS_MASTERDB_PASSWORD=xtW2+OGi-

The above are the two properties that i need to mask their passwords.

{ "name":"Hive_Pass_Phrase",

"path":"hive_config.txt",

"pattern": ".*PASSWORD.*$",

"operation":"REPLACE",

"value":"PASSWORD Hidden" },

As per the above code it should work for the both the properties, it is working only for env:KERBEROS_KADMINST_PASSWORD, not for other. Please help me on this.

Regards

Shyam

Don't have an account?
Coming from Hortonworks? Activate your account here