Create a policy

  • Latest Dynatrace
  • How-to guide
  • 1-min read
  • Published Dec 03, 2025

Policies map your organization's policy requirements to DQL that can be applied to refine the request query. For example, if you have a financial_logs bucket and your organizational policy is that this data should never be included in personal data exports, you can create an export policy | filter dt.system.bucket != “financial_logs” and apply this to all export requests by default.

You can use policies to either enrich or filter request results. For example:

  • Use the parse command to extract personal data fields from your logs, such as a profile ID or IP address.
  • Use the filter command to exclude data such as audit logs and compliance records.

To create a policy with Sensitive Data Center Sensitive Data Center, you need to:

  1. Open Sensitive Data Center Sensitive Data Center.

  2. Select the Policies tab.

  3. Select Create policy.

  4. Provide a name for your policy, for example 'Exclude financial logs'.

  5. In the Description field, explain what the policy does, for example 'Filters out financial_logs bucket from all requests'.

  6. Choose a validity: is your policy relevant for export requests, deletion requests, or both? Note that policies are not supported for cleanup requests.

  7. Check Apply by default if your policy should be automatically applied to all relevant requests.

  8. In the Conditions field, provide the DQL that should be used for your policy. Only the DQL entered after fetch logs and the explanatory comment in the query will be saved. If your policy's validity includes deletion requests, ensure it does not use any DQL that is unsupported for deletion.

  9. Click Create policy to save your policy. It will now be selectable when creating relevant requests.

Related tags
Sensitive Data CenterSensitive Data Center