Philter can optionally generate alerts when a particular type of sensitive information is identified.
In a policy, each type of sensitive information can have zero or more filter strategies. Each filter strategy can optionally have a condition associated with it. When a condition is present, the filter strategy will only be satisfied when the condition is satisfied. For example, a condition may be created to only filter phone numbers that start with the digits
123 or only filter names that start with
John. Filter strategy conditions give you granular control over the filtering process.
When a filter strategy condition is satisfied, Philter can optionally generate an alert. This feature allows you to be notified when a particular type of sensitive information is identified.
Alerts are enabled on a per-condition basis. For instance, given the following policy to identify email addresses, a condition has been added to only match the email address
firstname.lastname@example.org. Because of the property
alert set to
true, an alert will be generated when this condition is satisfied. By default, the alert property is set to
false disabling alerts for the condition.
Structure of an Alert
An alert contains the following information:
A unique ID for the alert formatted as an UUID.
The name of the policy triggering the alert.
The ID of the filter strategy triggering the alert. In the example above the
The ID of the document which triggered the alert.
The filter type ("email-address", "credit-card", etc.) triggering the alert.
A timestamp when the alert was generated formatted as
Retrieving and Deleting Alerts
The alerts that Philter has generated are available through Philter's alerts API. This API allows for retrieving and deleting alerts. Using this API you can build sophisticated notification systems around Philter's capabilities.