Tableau is a reporting tool that PK Protect has integrated with to provide comprehensive and flexible reporting on sensitive data analysis.
Ensure that the following requirements are met before setting up Tableau:
The user must have Permissions and Grants to read and access the servers on which PK Protect and Tableau are installed. The required permissions are:
PostgreSQL: Execute the permissions from the file available at the following location: /etc/postgresql/10/main/pg_hba.conf
MySQL: Provide the following grant to the user:
GRANT ALL PRIVILEGES ON. TO 'root'@'<TARGET SERVER IP>' IDENTIFIED BY '<PASSWORD>' WITH GRANT OPTION;
Drivers should be installed to the target Tableau server to enable reporting.
For MySQL and PostgreSQL backend, Tableau Server and Controller IP must be manually configured to the databases.
PostgreSQL: Add the IPs to the file at the following location:
MySQL: Provide permissions for the required IPs through the MySQL client.
Supply the hostname details to the machine where PK Protect accessed as well as on the machine where PK Protect is installed.
e.g., hostname: http://xen192-tableau-centos in the file located at (Login using root) /etc/ hosts
Perform the following steps to configure Tableau to PK Protect:
Go to PK Protect Admin > Settings > Tableau Configuration. Click Edit.
Enter the following details:
URL: Provide the Server IP/ Host name of the tableau server.
User name: Provide the user name.
Password: Provide the password.
Site ID: Provide the Site ID where you want to publish the report on the tableau server. You can publish the report under your site. However, if you will not provide the Site ID, the report will be published under the default site.
*Note: If you are providing the server IP as URL, then hostname details need not be specified in the host file.
Click Save and Publish.
Admin overwrites any existing reports. Ensure that a backup has been taken from the Tableau server if any older reports are required. To configure Secure Tableau, we need to do the following additional steps:
On the controller machine where PK Protect is hosted, import Self signed or CA signed certificate (depends upon end user requirement) in java cacerts file to store keystore using below command: keytool -importcert -alias <aliasName> -file <certificate-file-location> -keystore <keystore-location>
Restart the Tomcat server.
This chapter covers back-end configurations for PK Protect like third party key management options, dynamic decryption, prerequisite masking scripts, and high availability. This chapter is split into six main sections:
PK Protect for Hadoop
PK Protect for DBMS
PK Protect for Files
PK Protect for AWS