Logging and sensitive information

If event logging is enabled for your application, event logs are generated at runtime by NLUaaS.

For details on how to read these logs via a Kafka API, see Runtime event logs

Handling sensitive information

Sometimes your application will need to collect user input containing sensitive personally identifiable information (PII). For the security of users, this information needs to be identified and redacted in the event logs.

Redacting logs

There are two options for redacting information in runtime event logging:

  • Partial redaction
  • Complete redaction

Sensitive flagging and partial redaction

The Mix.nlu toolset allows you to define entities and designate their contents as “sensitive.” By default, the values of any entities marked as “sensitive” in Mix.nlu, and recognized as such by the NLU runtime, are redacted for NLU payload logs in the Nuance Mix runtime event logs. This is called partial redaction. The content of user inputs and NLU interpretations thereof appearing in the logs will be partially readable, but any content from either recognized as pertaining to sensitive entities is redacted in the logs.

For more information, see Handling sensitive information in the Mix.nlu documentation.

Complete redaction

Alternatively, by setting the interpretation_input_logging_mode field in the InterpretRequest parameters to SUPPRESSED, you can completely suppress logging of the contents of the input and NLU interpretations.

See Managing sensitive information in an application in the Nuance Mix Runtime Event Logs documentation for more details about event logs and redacting informtation.

Deleting logs for a specific user

You can request the deletion of logs from Mix data stores for a specific user by providing the user_id to the ForgetMe API.