Is there a way to filter sensitive fields, such as JSON Web Tokens (JWT) and passwords, out of incoming logs in Panther?
It is not possible to edit incoming logs to completely exclude sensitive information. As a workaround, you can exclude sensitive fields from your schema. This will allow your payload to not be entirely stored, but note the following caveats:
- If there are classification errors, Panther will store the full payload. There is not an option to delete that.
- We store raw data in our archive for 90 days, so omitting the fields from a schema won't entirely work if you don't want any sensitive fields stored anywhere in your Panther instance.