Sensitive Data Scanner now supports role-based unmasking in logs, giving teams granular control over who can view masked sensitive data in logs. Security teams can investigate fields like IP addresses and access tokens, while DevOps engineers and developers see the same logs with sensitive information masked. Authorized users can unmask values on demand within Datadog, with all access logged via Audit Trail for accountability.
To qualify for this Product Preview, you should already have Log Management and Sensitive Data Scanner enabled. You must also activate the feature on at least one rule within two weeks of being granted Preview access and be willing to share feedback.
Your response has been recorded. We’ll aim to review your request and follow up with next steps in the next 5-10 business days. In the meantime, feel free to reach out to your CSM with any questions.