Log anonymization
Log anonymization allows you to hide personally identifiable user information, such as their username, in Dashboard widgets, logs, and other areas of FortiSASE.
The following shows the Connected Users page when log anonymization is disabled. The username information in the User field is visible.
The following shows the Connected Users page when log anonymization is enabled. The username information in the User field is anonymized.
The following shows log anonymization's effect on Analytics > Logs > Traffic. In the following example, all logs are from the same source (user fme) and log anonymization was enabled at 15:48. All logs for traffic that occurred before 15:48 show the source information. All logs that occurred after 15:48 have the source information anonymized.
You cannot retroactively anonymize or deanonymize source information by enabling or disabling anonymization. The source information remains anonymized or not anonymized based on whether log anonymization was enabled or disabled when the traffic occurred.
The following shows the Managed Endpoints page when log anonymization is disabled. The username information is visible.
The following shows the Managed Endpoints page when log anonymization is enabled. The username is anonymized.
|
When log anonymization is enabled, reports may be less useful, as personally identifiable information will be anonymized. |
To enable log anonymization:
- Go to Analytics > Settings.
- Enable Anonymization.
- In the Salt field, enter the desired username anonymization hash salt. FortiSASE generates a hash based on the username and salt value and uses this to anonymize log information.