Guides
Redact Captured Data
Configure capture policy so evidence remains useful without leaking private fields.
Redaction should happen before sensitive data leaves the app process. isplay applies default pattern redaction plus optional capture policy rules.
Configure Policy
const client = init({
projectId: process.env.ISPLAY_PROJECT_ID!,
capturePolicy: {
defaultAction: "capture",
rules: [
{ path: "customer.email", action: "mask", reason: "PII" },
{ path: "headers.authorization", action: "drop", reason: "secret" },
{ path: "payment.cardNumber", action: "mask", reason: "PCI" }
],
},
});Actions
| Action | Current behavior |
|---|---|
capture | Capture after default pattern redaction. |
drop | Replace the field with null. |
hash | Replace with [HASHED]. |
mask | Replace with [REDACTED]. |
encrypt, artifact_only, and metadata_only are not capture policy actions in v0.3.
What Default Redaction Catches
Default redaction masks common emails, phone numbers, API-key-like tokens, JWTs, credit-card-like numbers, and secret-looking object keys.
Do not rely only on defaults for regulated data. Add explicit path rules for domain fields.
Redaction Reports
Capture metadata includes a redaction report with:
fieldsDroppedfieldsMaskedfieldsHashedpatternsMatched
Use this to audit whether a trace was aggressively redacted or unexpectedly raw.
Advice
- Redact at the app boundary, not only before reporting.
- Prefer masking stable identifiers over dropping them when analysts need to match records.
- Do not store secrets in metadata. Metadata is still persisted.
- Treat artifacts as sensitive even when
redactionStatesaysredacted. - Keep a project-level data handling policy so adapter authors make consistent choices.