Solved

Scrubbing Send Log Files Package

  • 12 August 2021
  • 6 replies
  • 709 views

Userlevel 4
Badge +13

Hi,

 

I have a client who is extremely serious about security. Knowing what information is contained in CSDB and following “Trust no one” policy, does not allow for CS database to be send anywhere including Commvault support.

There is an option to scrub log files which besides scrubbing logs should also scrub CSDB, but the documentation doesn’t mention what exactly is scrubbed in CS DB.

https://documentation.commvault.com/11.23/essential/130818_configuring_data_masking_for_log_files.html

I’m thinking about, client names, client hostnames, domain names, user names, user passwords, encryption keys and so on. 

Can anyone share some insight about what data is masked in CSDB?

icon

Best answer by Greg Smolen 12 August 2021, 16:12

View original

6 replies

Userlevel 4
Badge +13

Hi @Damian Andre 

I just wanted to let you know I PMed you the details regarding scrubbing logs.

Cheers!

Userlevel 4
Badge +13

Thanks @Greg Smolen ! It is great to know what is going on backstage, sometimes it is a huge help explaining things to customer with that kind of information.

 

@Damian Andre Of course. I will need some time to collect output and I will get back to you.

Userlevel 7
Badge +23

thanks @Greg Smolen !

 

@Robert Horowski if there are any additional areas you noticed outside of this not being scrubbed, or if you want to provide the script you wrote to help us optimize the scrubbing process please let us know!

Userlevel 2
Badge +3

Hi @Robert Horowski,

Glad to help on this, I wanted to also mention we do have a couple of CMRs in place for additional areas that are not scrubbed. Areas such are Account info and Email address are expected to be addressed via the below CMRs in a later release:

Account Info: CMR 323666
Email info: CMR 323667

Regards,
Greg

Userlevel 4
Badge +13

Hi @Greg Smolen ,

This is how I am doing it now. I’m not uploading CSDB, just using scrub logs option during Send Logs. Scrubbing logs covers a lot but still there are some information in there like user names, IPs, domain names, some hostnames, that should not be sent outside. Currently I’m using some scripts to scrub this already scrubbed log files, so I can upload it to support and still be in compliance with customer’s security policy.

Also I’ve noticed that there is an improvement in the process to scrub some additional keywords using scrub.config file

https://documentation.commvault.com/11.23/expert/5579_sending_log_files.html

but I haven’t tested it yet.

 

Thanks for your answer

I would recommend when sending logs files, to only send up logs for machines and not the CSDB as we do not fully scrub it of all information. 

this is perfectly clear to me, so I am marking it as a best answer.

Thanks!

Userlevel 2
Badge +3

Hi @Robert Horowski,

We have a large number of Darksite customers that actually do not upload the CommServe database due to Security reasons. These customers still use the Scrub Logs option for just Logs files for the respective machines selected and that will go through and scrub sensitive information.

I would recommend when sending logs files, to only send up logs for machines and not the CSDB as we do not fully scrub it of all information. 

Let me know if you have further questions on this. 


Regards,
Greg

Reply