Configuring Data Masking for Log Files

You can turn on Scrub log files to mask sensitive data, the CommServe database, the CommServe log files, the client computer log files, and the MediaAgent log files will all contain masked data. This means that the database dump contains only masked data.


Data masking is supported only for the CommServe Database option. Even if you select other databases, the data is not masked.

The Send Log Files Scrub Map Report maps the masked entity names to the names in the CommCell environment.

The following data is considered for scrubbing:

  1. Client and host name of the CommServe computer, client, MediaAgent and other entities.

  2. Client name, CommServe computer or MediaAgent name, and host name of the client and MediaAgent.

  3. Pipeline (end name of source and destination).

  4. IP address, Windows or UNIX path, or UNC path.

  5. All Commvault user and group names.

  6. The hostname and IP address in the system configuration file: <windows installation>windows/system32/drivers/etc/host.

The path for the scrub configuration file is <commvault installation>/reports/sendlogfiles/scrub.config.

Each line in the scrub configuration file uses sensitive keyword. The user can customize the sensitive keywords in the configuration file.

The following are the example file format:

  • CustomizedData001

  • localServer001

Note: If the srub.config file is not configured properly then the load to the scrub log bundle increases by a tremendous amount. Avoid using words like 'a', 'in', and 'the' in the file format.


  1. From the navigation pane, go to Manage > System.

    The System page appears.

  2. Click Send logs.

  3. Under General, move the Scrub log files toggle key to the right.