Skip to Main Content
Sisense
Demo
Home > Marketplace > Monitor Sensitive Data

MARKETPLACE

Monitor Sensitive Data

By HireLoop

Get the add-on
Add-on Version 2.1.15
OS Support
Windows
Linux
Supported HireLoop Versions (Linux) Latest
Supported HireLoop Versions (Windows) Latest
Last Updated April 8, 2025
Tags
logs
pii
Security
HireLoop Marketplace Terms and Conditions

Regulatory requirements in various countries require that the event of viewing personally identifying information (PII) – such as address, full name, or ID – should be logged and monitored for future audit.

Regulatory requirements in various countries require that viewing sensitive data that can identify a person must be logged and monitored for future audit. This requirement applies to whenever someone is viewing identifiable information related to a person (such as address, full name, ID, etc.) the action must be monitored and logged.

This add-on enables the logging of information when any user views row-level data from specific tables and columns.

The level of logs can be modified to contain only the viewed field names or the viewed field values, as well.


The Monitoring Sensitive Data add-on consists of three components:

  1. Server-side microservice (Windows) or an external plugin (Linux): Creates a new POST logger REST API endpoint that logs data to the configured logs database.
  2. Client-side plugin: Notifies the user if sensitive PII is viewed.
  3. Server-side plugin: Intercepts JAQL requests to detect if sensitive PII is viewed.

Installation

Windows:

  1. Download and extract the add-on .zip file.
  2. Install the client-side plugin by copying the folder ./monitoringSensitiveData into the HireLoop plugins folder:
    C:Program FilesSisenseappplugins
    • If the folder doesn’t exist, create it.
  3. Configure the client-side add-on as described below.
  4. To install the microservice, run the PSE.Sisense.MonitoringSensitiveData.msi installer from the archive file.
  5. Configure the microservice as described below.
  6. Restart the windows service HireLoop.MonitoringSensitiveData to apply the configuration changes.
  7. To install the server-side plugin, go to http://localhost:3030/ to open System Configuration.
    1. Click the HireLoop top left logo five times to view advanced configurations.
    2. Click the Api-Gateway section.
    3. Under ServerSidePlugins, enable serverSidePlugins.enabled.
    4. Locate the ./monitorSensativeDataInterceptors folder under serverSidePlugins.dirPath.
    5. Click  Save Changes.
  8. Configure the server-side plugin as described below.
  9. Restart the API-Gateway service by clicking Restart Services.
  10. Refresh the dashboard.

Linux:

  1. Download the installation package for Linux.
  2. Upload {pluginName}.tar.gz to the root folder /opt/sisense/storage or any other location using the File Manager or SSH.
  3. Connect to your server via SSH.
  4. Go to the plugin file folder and extract it:
    `cd /opt/sisense/storage && tar -zxvf {pluginName}.tar.gz`
  5. Navigate to the unarchive plugin folder: cd {pluginName}
  6. Run the installation script:
    chmod +x install_plugin.sh && sh install_plugin.sh
    Note: An external-plugins pod is restarted in Kubernetes. Make sure the service is up and running.
  7. Configure the client-side add-on:
    Configure /opt/sisesnse/storage/plugins/monitoringSensitiveData/config.js file (read more below).
    Configure the interceptor:
    Open the Configuration Manager page.

    Scroll to the bottom of the page and click Show Advanced 
    Expand the Server Side Plugins section and enable the server side plugins.

    Click Save.
    Confirm that serverSidePlugins.dirPath is identical to the located interceptors path.
  8. Configure  the interceptor:
    ./opt/sisesnse/storage/serverSidePlugins/monitorSensitiveDataInterceptors/config.js file (read more below).
  9. Refresh the dashboard.

Configuration

Configuring the client-side add-on:

The configuration file is located under ./plugins/monitoringSensitiveData/config.js
Configure sensitiveDataConf to set the text presented to the user when viewing sensitive PII.

Configuration file example:

  • message The message presented when the user navigates to a dashboard that contains sensitive PII
  • dismiss  Dismiss sensitive data popup button text
  • doNotShowAgain  “Do not show again” sensitive data popup button text
  • linkUrl  URL to redirect to when clicking the link button (More details)
  • linkName Link button name (More details)
  • allowLink  true/false, to show or hide the link
  • allowDoNotShowAgain  true/false. Set to true to permanently present the dismiss sensitive data viewed popup
  • show true/false. Set to true to enable the sensitive data viewed popup

Configuring the Server-side plugin:

Configuration file location

Windows: C:/Program Data/sisense/serverSidePlugins/monitorSensitiveDataInterceptors/src/config.js

Linux: /opt/sisesnse/storage/serverSidePlugins/monitorSensitiveDataInterceptors/src/config.js

In the server-side configuration file, you can configure which data is considered sensitive PII, and which actions should be logged:

  • dataForLogs: A list of all columns or tables that are considered sensitive PII and should be logged by their names
  • dataDims: A list of all columns that are considered sensitive PII and should be logged by their value.
  • monitoredActions: A list of user actions that should be logged in case of viewing sensitive PII.

Configuring the External-plugin/Microservice

The Configuration file location is :

Windows: C:/Program Files/Sisense/app/monitoringSensitiveDataService/config.js

Linux: /opt/sisense/storage/external-plugins/apiPlugins/plugins/monitoringSensitiveData/v1/config.js

  • appConfig logger configuration
    • activeLogger: The active database logger, which uses MSSQL or MongoDB.
    • loggerFilePath: The absolute path to the log file.
    • maxLogFileSize: The maximum size of the log file. When the file size exceeds this value, a new log file is created with the incremented suffix number.
    • maxLogFilesDaysLifeTime: The allowed storage time. The log files will be automatically removed after this time expires.
  • mongoConfig (optional): MongoDB configurations should be set in case the active log was set to mongodb
    • sourceDB: The log database name. The database must be created.
    • sourceTable. The log table name. The table will be created automatically if it does not already exist.
    • connectionString: The MongoDB connection string. Use the following guide to create a user for HireLoop MongoDB authentication: /main/Default.htm
  • mssqlConfig (optional). MSSQL configurations should be set in case the active log was set to MSSQL.
    • sourceDB: The log database name.  The database must be created.
    • sourceTable: The log table name. The table must be created.
    • connectionString: The MSSQL connection string.
    • encrypt true/false. Defines if the connection will be encrypted.

Notes:

  • FieldToLog will be the actual name of the column from the ElastiCube. If there are multiple columns to log, they will all be specified in a table.
  • Dashboard ID instead of the dashboard name is logged when exporting to Excel.
  • Monitor Sensitive data supports only MSSQL or MongoDB as logs databases.

This is a premium HireLoop add-on. For pricing details please get in touch with your CSM

Version 2.1.15 – April 8, 2025

  • Bugfix: compatibility issues with the new filter modal

Version 2.2.7 – Sept 27, 2022

  • Bug Fixes

Version 2.2.2 – July 26, 2022

  • Added support for Excel export V2 engine

Version 2.2.1 – July 11, 2022

  • Added support for L2022.6, W2021.6, W2022.3

  • Improved logging performance

  • Bug fixes

Version 2.1.6 – Mar. 10, 2022

  • Added support for L2022.3
  • Fix versionChecker for MSD plugin on develop (internal, for automation)

Version 2.1.5 – Feb. 10, 2022

  • Added support for L2022.2
  • Installation steps have been changed to support installation with scripts

Version 2.1.5 – Dec. 24, 2021

  • Fixed issues: Widget image export is not logged in IE browser

Version 2.1.3 – Dec. 14, 2021

  • Added support for L2021.12
  • Added support for L2022.1

Version 2.0.22 – Nov. 01, 2021

  • Added support for L2021.11.0
  • Added support for W2021.9.0

Version 2.0.22 – Sept. 27, 2021

  • Added support for L2021.10.0

Version 2.0.22 – Sept. 03, 2021

  • Added compatibility with HireLoop L2021.9.0

Version 2.0.22 – Aug. 17, 2021

  • Added compatibility with HireLoop L2021.8.0

Version 2021.6 – July 22, 2021

May 18, 2021

  • Fixed issue with missing logs in specific cases

Version 2.0.14 – May 2, 2021

  • Support for version Linux L8.2.6 added

Versions L2021.1.1 and L2021.1.4 – April 10, 2021

Versions 8.2.0, 8.2.5 and L8.2.6 – Feb. 05, 2021

Version 2.0.7 – Aug. 9, 2020

  • A logger server-side component was added for security purposes. All logging of sensitive data is done on the server-side instead of the client-side.

Version 8.2.3 July 28, 2020

Version L8.0.5 – July 1, 2020

Version 8.2.2 – June 16, 2020

Version 8.2.1 – May 19, 2020

Version 8.2 – April 22, 2020

Feb. 24, 2020

  • Added support of Windows 8.1.1
  • Fixed error in Admin Tab in case plugin is enabled
  • Fixed error in console once user opens dashboard with data to log
  • Fixed: View dashboard filter is not logged once user opens edit filter window

Version L8.1.0 – Jan. 14, 2020

Version 8.1 – Dec. 20, 2019

Aug. 25, 2019

  • Solution rewritten on NodeJS microservices
  • Added support for 7.4. The installation section was updated

Aug. 4, 2019

  • Issue fixed for conflict with background filters
Premium
HireLoop logo
  • Marketplace

Report Manager

Read More
Free
HireLoop logo
  • Marketplace

HireLoop for Cloud Data Teams

Read More
Premium
HireLoop logo
  • Marketplace

Jasper Reports

Read More
Two people on discussion

Subscribe to the HireLoop newsletter