When your application sends error events to Sentry, the payloads can include request headers, form data, environment variables, and stack frame locals—any of which might contain passwords, credit card numbers, API keys, or other sensitive values. Data scrubbing lets you prevent that information from ever being stored in Sentry.
Scrubbing happens when events are ingested. Data that was sent before you enabled a scrubbing rule is not retroactively removed. If compliance is a concern, configure scrubbing before you start sending events, or contact your legal team about your data retention obligations.

How scrubbing works

Sentry applies scrubbing in two layers:
  1. Server-side scrubbing — Sentry scrubs data after it’s received, before it’s stored. Rules here apply to all SDKs regardless of version.
  2. SDK-side scrubbing — Your SDK filters or modifies events before they’re sent at all. This is the safest option because the data never leaves your infrastructure.
Within server-side scrubbing, organization-level rules run before project-level rules. If an organization rule and a project rule conflict, the organization rule wins.

Default scrubbing

Sentry’s default scrubbing automatically redacts values associated with common field names in all incoming events. Fields matched by these defaults include:
  • password, passwd, secret
  • api_key, apikey, auth, credentials, token
  • Credit card numbers (pattern-matched)
  • Social Security Numbers (pattern-matched)
Default scrubbing is enabled per project. You can disable it under Settings > [Project] > Security & Privacy by turning off Apply Default Scrubbers, but this is not recommended unless you have a more comprehensive custom configuration in place.

Global scrubbing rules

Organization-level rules apply to every project. Use them for values that must never appear in Sentry regardless of which project captures them.
  1. Open Security & Privacy settings. Go to Settings > Security & Privacy.
  2. Add sensitive fields. Under Additional Sensitive Fields, enter field names whose values should always be redacted. This matches field names anywhere in the event, including nested objects. Example: ssn, credit_card, internal_api_token
  3. Add safe fields. Under Safe Fields, enter field names that should never be scrubbed even if they match a default pattern. Use this when you have a field like token_count that you need to keep.
  4. Add custom PII rules (advanced). Under Advanced Data Scrubbing, write custom PII rules using Relay’s rule format to match specific patterns, like internal IP ranges or custom identifier formats. These rules are applied in addition to the defaults.

Project-level scrubbing

Project settings let you customize scrubbing for a single project without affecting others.
  1. Go to Settings > [Project] > Security & Privacy.
  2. Configure Additional Sensitive Fields and Safe Fields for this project.
  3. Toggle Scrub IP Addresses to prevent user IP addresses from being stored.
Project-level fields are merged with organization-level fields. You cannot use project settings to un-scrub a field that the organization has marked as sensitive.

SDK-side scrubbing

The most reliable way to prevent sensitive data from reaching Sentry is to remove or mask it before the event is sent. Use the beforeSend callback in your SDK initialization.
import * as Sentry from "@sentry/browser";

Sentry.init({
  dsn: "YOUR_DSN",
  beforeSend(event) {
    // Remove sensitive cookies from the request object
    if (event.request?.cookies) {
      delete event.request.cookies;
    }

    // Redact a specific variable from all stack frames
    if (event.exception?.values) {
      event.exception.values.forEach((exception) => {
        exception.stacktrace?.frames?.forEach((frame) => {
          if (frame.vars?.password) {
            frame.vars.password = "[Filtered]";
          }
        });
      });
    }

    return event;
  },
});
Return null from beforeSend to drop the event entirely. Return the modified event object to send it with your changes applied.

Scrubbing request data

By default, Sentry does not capture raw HTTP request bodies, but it does capture request headers, query parameters, and cookies. To prevent a specific header or cookie from being stored:
  • Add it to Additional Sensitive Fields in your project’s Security & Privacy settings.
  • Or use beforeSend to delete the field from event.request before sending.
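
The following is an added example, not code from the Sentry SDK or from this page: a beforeSend-compatible scrubber that generalizes the snippet above to request headers, cookies, query parameters, nested request data and stack frame variables. The field names come from the defaults list earlier on this page; the substring matching, the hyphen normalization and the names isSensitive, scrubValue, scrubEvent and sampleEvent are assumptions of this example.

```javascript
// Added example: isSensitive, scrubValue, scrubEvent and sampleEvent are
// illustrative names, not Sentry SDK functions; the matching rules are assumptions.
const SENSITIVE = ["password", "passwd", "secret", "api_key", "apikey",
  "auth", "credentials", "token"];            // names from the defaults list
const SAFE_FIELDS = new Set(["token_count"]); // kept although it contains "token"
const FILTERED = "[Filtered]";

// Case-insensitive substring match; "-" counts as "_" so X-Api-Key hits api_key.
function isSensitive(key) {
  const k = String(key).toLowerCase().replace(/-/g, "_");
  return !SAFE_FIELDS.has(k) && SENSITIVE.some((name) => k.includes(name));
}

// Walk nested objects and arrays in place, masking values under sensitive keys.
function scrubValue(value, seen = new WeakSet()) {
  if (value === null || typeof value !== "object" || seen.has(value)) return value;
  seen.add(value); // guard against cyclic structures
  for (const key of Object.keys(value)) {
    value[key] = isSensitive(key) ? FILTERED : scrubValue(value[key], seen);
  }
  return value;
}

// Usable as the callback: Sentry.init({ dsn: "YOUR_DSN", beforeSend: scrubEvent })
function scrubEvent(event) {
  const req = event.request;
  if (req) {
    delete req.cookies; // drop cookies outright instead of masking them
    scrubValue(req.headers);
    scrubValue(req.data);
    if (typeof req.query_string === "string") {
      const params = new URLSearchParams(req.query_string);
      [...params.keys()].filter(isSensitive).forEach((k) => params.set(k, FILTERED));
      req.query_string = params.toString();
    }
  }
  event.exception?.values?.forEach((exc) =>
    exc.stacktrace?.frames?.forEach((frame) => scrubValue(frame.vars)));
  return event;
}
// Constructed sample event for trying the scrubber offline (not real data).
const sampleEvent = () => ({
  request: {
    headers: { Authorization: "Bearer abc123", "X-Api-Key": "k-1", Accept: "*/*" },
    cookies: { session: "s3cr3t" }, query_string: "page=2&token=abc123",
    data: { user: { name: "ada", password: "hunter2" }, token_count: 42 },
  },
  exception: { values: [{ stacktrace: { frames: [{ vars: { passwd: "x", n: 1 } }] } }] },
});
```

Substring matching also masks unrelated keys such as author, which is the case the safe-field set is there to handle.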

Data retention

How long Sentry retains your events depends on your plan. Events are not kept indefinitely—after the retention window, they are permanently deleted. You can view and configure your retention period under Settings > Security & Privacy > Data Privacy.
Scrubbed values are replaced with the string [Filtered] in the event payload. The field name is preserved so you can see that data existed, but the value is permanently removed. Sentry does not store the original value anywhere.
Server-side PII scrubbing does not apply to file attachments. If you send attachments that may contain sensitive data, remove the data from the attachment before sending it, or disable attachment sending for that project.
The Data Scrubbing Selector Suggestions tool in Settings > [Project] > Security & Privacy shows you which selectors match fields in recent events. This helps you verify that your rules target the right data before you commit to them.