After a sensitive data identification task is complete, you can view the scan results in Data Security Center. You can view results for database instances, OSS Buckets, Simple Log Service (SLS) Projects, or specific data objects, such as data tables, files, or data stored in five-minute intervals. This topic describes how to view the sensitive data identification results for data objects and database instances.
View the identification results for a database instance
To view the sensitive data identification results for a database instance, follow these steps.
Log on to the Data Security Center console.
In the navigation pane on the left, select .
-
On the Asset Type tab, click a data type to view the sensitive data identification results for all connected database instances of that type.
NoteYou can view sensitive data identification results from different dimensions on the Asset Type and Data Domain tabs. This topic uses the Asset Type tab as an example. You can also go to the Data Domain tab, select a data domain, and then view the identification results for the asset instances within that domain.
Sensitivity level
Description
N/A
No sensitive information included in the current identification template was detected.
S1
Non-sensitive data. Disclosing this type of data generally causes no harm. Examples include provinces, cities, and product names.
S2
Generally sensitive data. This data is not suitable for public disclosure, and its leakage would cause a low degree of harm. Examples include names and addresses.
S3
Critically sensitive data. This data has a high sensitivity level, and even a small leak can cause serious harm. Examples include various ID documents, account passwords, and database information.
S4
Core confidential data that must not be leaked under any circumstances. Examples include genetic information, fingerprints, and iris scans.

-
To view the details of sensitive data in a data asset instance, click Table details (for structured data and big data), Details (for unstructured SLS data), or File details (for unstructured OSS data) in the Actions column.
-
In the details panel that appears on the right, you can view the sensitive data statistics as shown in the following figure.

-
In the sensitive data list, click Column details (for structured data and big data) or Hit details (for unstructured data) in the Actions column to view the details of the rules that were hit for each data column.
If the Actions column contains a Revision entry, you can revise the sensitive data identification results.

View the identification results for an OSS Bucket
To view the sensitive data identification results for an OSS Bucket, follow these steps.
-
Log on to the Data Security Center console.
-
In the navigation pane on the left, choose .
-
On the Asset Type tab, click in the navigation pane on the left. The page displays the sensitive data identification results for all OSS Buckets that are connected to Data Security Center. For information about the sensitivity level types and their descriptions, see the following table.
Sensitivity level
Description
N/A
No sensitive information included in the current identification template was detected.
S1
Non-sensitive data. Disclosing this type of data generally causes no harm. Examples include provinces, cities, and product names.
S2
Generally sensitive data. This data is not suitable for public disclosure, and its leakage would cause a low degree of harm. Examples include names and addresses.
S3
Critically sensitive data. This data has a high sensitivity level, and even a small leak can cause serious harm. Examples include various ID documents, account passwords, and database information.
S4
Core confidential data that must not be leaked under any circumstances. Examples include genetic information, fingerprints, and iris scans.
-
Click File details in the Actions column of the target bucket.

-
In the OSS object query panel, you can view the sensitive data statistics as shown in the following figure.

-
Click Hit details in the Actions column for a sensitive file. In the Hit query panel, you can view the details of the sensitive information in the file. This includes the Hit Model, Sensitivity Level, Number of Hits, and Data sampling result.

-
Click the File name above the list to go to the OSS console and view the file details.
NoteThe path that you are redirected to after you click the file name is the file path that Data Security Center obtained during the scan. If you moved the file, the path may be outdated. You can run the identification task again on the tab.
View the identification results for SLS
To follow the sensitive data detection results for an OSS bucket, perform the following steps.
-
Log on to the Data Security Center console.
-
In the navigation pane on the left, choose .
-
On the Asset Type tab, click in the navigation pane on the left. The page displays the sensitive data identification results for all Simple Log Service projects that are connected to Data Security Center. For information about the sensitivity level types and their descriptions, see the following table.
Sensitivity level
Description
N/A
No sensitive information included in the current identification template was detected.
S1
Non-sensitive data. Disclosing this type of data generally causes no harm. Examples include provinces, cities, and product names.
S2
Generally sensitive data. This data is not suitable for public disclosure, and its leakage would cause a low degree of harm. Examples include names and addresses.
S3
Critically sensitive data. This data has a high sensitivity level, and even a small leak can cause serious harm. Examples include various ID documents, account passwords, and database information.
S4
Core confidential data that must not be leaked under any circumstances. Examples include genetic information, fingerprints, and iris scans.
-
Click Details in the Actions column of the target Logstore.

-
In the Simple Log Service Object Query panel, you can view the sensitive data statistics as shown in the following figure.

-
Click Hit details in the Actions column of a data object to view the Hit Model, Sensitivity Level, Number of Hits, and Data sampling result.
-
Click a result in the Data sampling result column to go to the corresponding Logstore. The logs are filtered based on the sampling result.
Simple Log Service limits
The following limits apply when you go to Simple Log Service to query logs based on sampling results:
-
Field index
-
Index not created: If an index is not created, an error message is displayed when you filter logs based on sampling results.

Click Enable in the upper-right corner of the page. In the Query and Analysis panel, configure the index, tokenizers, and other settings. For more information, see Create an index.
-
Index created: If an existing index does not cover the fields to be retrieved, the query may return no results. You can adjust the field configuration of the index to include the required fields based on your query requirements.
-
-
Account permissions: If you use a Resource Access Management (RAM) user, make sure that the user has the read-only permission for logs (AliyunLogReadOnlyAccess).



