SQL Server connection string

  • Article

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Format

The string User Id, User ID, uid, or UserId followed by the characters and strings outlined in the pattern below.

Pattern

  • the string User Id, User ID, uid, or UserId
  • any combination of between 1-200 lower- or uppercase letters, digits, symbols, special characters, or spaces
  • the string Password or pwd where pwd isn't preceded by a lowercase letter
  • an equal sign (=)
  • any character that isn't a dollar sign ($), percent symbol (%), greater than symbol (>), at symbol (@), quotation mark ("), semicolon (;), left brace([), or left bracket ({)
  • any combination of 7-128 characters that aren't a semicolon (;), forward slash (/), or quotation mark (")
  • a semicolon (;) or quotation mark (")

Checksum

No

Keyword Highlighting

Supported

When keyword highlighting is supported in the contextual summary for a sensitive information type or a trainable classifier, in the Contextual Summary view of activity explorer, the keywords in a document that were matched to a policy are highlighted.

Definition

A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:

  • The regular expression CEP_Regex_SQLServerConnectionString finds content that matches the pattern.
  • A keyword from CEP_GlobalFilter isn't found.
  • The regular expression CEP_PasswordPlaceHolder doesn't find content that matches the pattern.
  • The regular expression CEP_CommonExampleKeywords doesn't find content that matches the pattern.
<!---SQL Server Connection String>
<Entity id="e76b6205-d3cb-46f2-bd63-c90153f2f97d" patternsProximity="300" recommendedConfidence="85">
  <Pattern confidenceLevel="85">
        <IdMatch idRef="CEP_Regex_SQLServerConnectionString" />
        <Any minMatches="0" maxMatches="0">
            <Match idRef="CEP_GlobalFilter" />
            <Match idRef="CEP_PasswordPlaceHolder" />
            <Match idRef="CEP_CommonExampleKeywords" />
        </Any>
    </Pattern>
</Entity>

Keywords

CEP_GlobalFilter

  • some-password
  • somepassword
  • secretPassword
  • sample

CEP_PasswordPlaceHolder

This sensitive information type identifies these keywords by using a regular expression, not a keyword list.

  • Password or pwd followed by 0-2 spaces, an equal sign (=), 0-2 spaces, and an asterisk (*) -OR-
  • Password or pwd followed by:
    • Equal sign (=)
    • Less than symbol (<)
    • Any combination of 1-200 characters that are upper- or lowercase letters, digits, an asterisk (*), hyphen (-), underline (_), or whitespace character
    • Greater than symbol (>)

CEP_CommonExampleKeywords

This sensitive information type identifies these keywords by using a regular expression, not a keyword list.

  • contoso
  • fabrikam
  • northwind
  • sandbox
  • onebox
  • localhost
  • 127.0.0.1
  • testacs.com
  • s-int.net