Example: Some files contain not only PHONE_NUMBER, but also SSN or USER_NAME. For these files, we need multi-value attributes.
And yes I think use "contains" is a more general way to detect Sensitive Type. Regards, Daniel -----Original Message----- From: Zhang, Edward (GDI Hadoop) [mailto:yonzh...@ebay.com] Sent: Friday, December 04, 2015 1:18 PM To: dev@eagle.incubator.apache.org Subject: Re: Sensitive Type That is a very good question and common problem with multi-value attribute. Daniel, could you give us one concrete example of multiple sensitive types for a single file. SensitiveType attribute itself supports multi value with each value segmented by vertical bar ³|², for example if one file is marked to be 2 sensitive types, i.e. PHONE_NUMBER and CUSTOMER_INFO, then the field value could be ³PHONE_NUMBER|CUSTOMER_INFO². But we need look at how to write the policy if we want to detect any access to file/folder with one sensitive type. If we want to alert against any access to PHONE_NUMBER file/folder, then the policy would be str:contains(sensitivityType, ŒPHONE_NUMBER¹) instead of sensitivityType==ŒPHONE_NUMBER¹, or probably regular expression is better. The other graceful way is to write a Siddhi plugin which handles comparison against multi-value attribute. Let me your thoughts. Thanks Edward On 12/4/15, 12:25, "Daniel Zhou" <daniel.z...@dataguise.com> wrote: >Hi all, > >Is it possible for me to mark one file/folder with multiple >"Sensitive Type"? > >Regards, >Daniel