Russ, This is precisely why there is a DOWNLOAD event type in provenance. I recommend using that mechanism to track this. You can also register an authorizer which based on tags of the data and which user/entity is trying to access a given resource - whether they are allowed.
Thanks Joe On Wed, Jun 7, 2017 at 12:09 PM, Russell Bateman <[email protected]> wrote: > Is there a way to use an existing reporting task mechanism, to write a > custom reporting task or by other means to catch a UI user looking at a > flowfile (via right-clicking on the queue, then choosing List queue -> View > Details) including which flowfile was looked at (by /filename/ or /uuid/ or > maybe one of our own attributes)? > > We have flowfiles containing personal health data (PHI) which no one is > supposed to see, but in the case where it's unavoidably crucial to take a > look, for debugging or otherwise observing the functioning of a flow, we > must know the extent of exposure for legal reasons. > > Thank you for your thoughts, > > Russ >
