6. Redacting Sensitive Data
10 minutesIn this section, you’ll learn how to configure the OpenTelemetry Collector to remove specific tags and redact sensitive data from telemetry spans. This is crucial for protecting sensitive information such as credit card numbers, personal data, or other security-related details that must be anonymized before being processed or exported.
We’ll walk through configuring key processors in the OpenTelemetry Collector, including:
- Attributes Processor: Modifies or removes specific span attributes.
- Redaction Processor: Ensures sensitive data is sanitized before being stored or transmitted.
Exercise
- Inside the
[WORKSHOP]directory, create a new subdirectory named6-sensitive-data. - Next, copy all contents from the
5-dropping-spansdirectory into6-sensitive-data. - After copying, remove any
*.outand*.logfiles. - Change all terminal windows to the
[WORKSHOP]/6-sensitive-datadirectory.
Your updated directory structure will now look like this:
WORKSHOP
├── 1-agent
├── 2-gateway
├── 3-filelog
├── 4-resilience
├── 5-dropping-spans
├── 6-sensitive-data
│ ├───checkpoint-dir
│ ├── agent.yaml
│ ├── gateway.yaml
│ ├── health.json
│ ├── log-gen.sh (or .ps1)
│ └── trace.json
└── otelcol