Haifeng's Blog

How to Disable CloudSOC Anonymization

by · Published · Updated

In Symantec/Broadcom CloudSOC (CASB), the Anonymization feature masks user identifiers (such as email addresses, usernames, and IPs) in reports and logs — typically displayed as anon-xxxx.
If you need to view real user information for auditing or incident investigation, a user with the DPO (Data Protection Officer) role must disable this feature.

1. Prerequisites

  • A user with the DPO role is required.
  • Only DPO username/password can disable anonymization.

2. Steps to Disable Anonymization

  • Assign the DPO Role
    In the CloudSOC portal, go to: Users Assign the DPO role to the target user.
  • Reset the DPO User’s Password
    Since the reset password method mentioned in older TechDocs is no longer available, use the following workaround:
    • Open: https://app.elastica.net/static/ng/appLogin/index.html#/?show_unpw_login=true
    • Click Forgot password.
    • Enter the DPO user’s email address to reset the password.
  • Log In to CloudSOC
    Use the System Administrator credentials to log in. Note: This is not the DPO user account. The DPO account will only be used later to confirm the anonymization disable action.
  • Disable Anonymization
    Navigate to: Settings → User Privacy → Anonymization of User Identity Click Remove Anonymization.
    The system will prompt for the DPO username and password to confirm the action.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *