Create Match Actions
Match actions allow Sensitive Data Scanner to perform an action on your behalf on a dataset that is highlighted as a match. There are two types of match actions:
- "Apply Markings" Match Action: Instructs Sensitive Data Scanner to apply markings on the datasets that matched any of the specified match conditions.
- "Create Issues" Match Action: Instructs Sensitive Data Scanner to create an issue on the columns with match any of the specified match conditions.
If your sensitive data scan covers a large number of datasets, we recommend that you test the match conditions before proceeding further since misconfigured match conditions can produce false positives in the form of unwanted issues or Markings on datasets.
You can test the match conditions by selecting No Match Actions for your scan. Once you have verified that the match condition matches the expected format of data, you can then select one of the other Match actions for future one-time scans or Recurring Scans.
Similar to creating match conditions, there are two ways to start creating match actions — either from the Sensitive Data Scanner landing page, or while creating an sensitive data scan.
From the landing page, select Add above the Available match actions listed in the match actions sidebar.
While creating a sensitive data scan, on the Select match actions page, you can also create an match action by clicking Create match action and immediately use that in your scan.
Both of these starting points open the same match action creation process. From there you can choose whether to create an Add markings match action, or a Create issues match action.
Create an “Apply Markings” Match Action
This is an example of the creation process for an "Apply markings" match action. In this example, the PII Marking will be applied on matching datasets.
Additionally, the Reapply markings that have been manually removed option is unselected, meaning that if the marking was previously applied by Sensitive Data Scanner (for example, during a previous scan), and was manually removed by the user, the marking will not be re-applied. Enabling the option allows the marking to be re-applied.
Create a “Create Issues” Match Action
This is an example of the creation process for a Create issues match action. Here, you will notice that two users have been selected as Assignees of the issues that Sensitive Data Scanner will create upon highlighting a match — “Governance admin” and “Data control officer”.
Additionally, there are advanced configurations available for “Create Issues” match actions:
- Issue text: You can customize the text that the issue will have in it when the match action is performed.
- Issue label: You can select one of the issue labels available to your space to facilitate effective triaging of issues.
- Issue severity: You can set the priority of the issue, depending on the scan you would like to run.
- Notify dataset creator about the issue: If checked, the user that created the dataset will be informed that sensitive data was found in the dataset that they created.
- Do not open new issue if:
- Archived — If checked, Sensitive Data Scanner will not create a new issue if a previous scan created an issue that was then manually archived.
- Closed — If checked, Sensitive Data Scanner will not create a new issue if a previous scan created an issue that was then manually closed.
