이제 Cloud Data Loss Prevention(Cloud DLP)은 민감한 정보 보호에 포함됩니다. API 이름은 Cloud Data Loss Prevention API(DLP API)로 그대로 유지됩니다. 민감한 정보 보호를 구성하는 서비스에 대한 자세한 내용은 민감한 정보 보호 개요를 참조하세요.
검사가 완료되고 발견 항목이 BigQuery로 내보내지면 각 발견 항목에는 지정한 열의 해당 값이 포함됩니다. 이러한 값은 location.content_locations.record_location.record_key.id_values 필드에 있습니다. 그런 다음 이러한 값을 사용하여 발견 항목을 검사된 BigQuery 테이블의 특정 행에 다시 연결할 수 있습니다.
샘플 쿼리
다음 샘플 쿼리를 사용하여 결과를 분석할 수 있습니다. Looker Studio와 같은 시각화 도구에서 쿼리를 사용할 수도 있습니다. 이러한 쿼리는 결과 데이터 쿼리를 시작하는 데 도움이 됩니다.
bqquery--use_legacy_sql=false' SELECT info_type.name,COUNT(info_type.name) AS countFROM `PROJECT_ID.DATASET.TABLE_ID`GROUP BY info_type.name ORDER BY count DESC;'
bqquery--use_legacy_sql=false' SELECT info_type.name,cast(TIMESTAMP_SECONDS(create_time.seconds) as date) as day,COUNT(locations.container_name) AS count FROM `PROJECT_ID.DATASET.TABLE_ID`,UNNEST(location.content_locations) AS locationsGROUP BY info_type.name, day ORDER BY count DESC;'
bqquery--use_legacy_sql=false' SELECT info_type.name, locations.container_name,COUNT(locations.container_name) AS count FROM `PROJECT_ID.DATASET.TABLE_ID`,UNNEST(location.content_locations) AS locationsGROUP BY locations.container_name,info_type.name ORDER BY count DESC;'
테이블의 각 열에서 찾은 결과 유형 선택
이 쿼리는 모든 결과를 열 이름으로 그룹화하고 BigQuery 검사 작업의 결과에서 작동하도록 제공됩니다. 이 쿼리는 특정 열의 가능한 유형을 식별하려고 할 때 유용합니다. WHERE 및 HAVING 절을 수정하여 설정을 조정할 수 있습니다. 예를 들어 결과 테이블에 여러 테이블 결과가 포함된 경우 하나의 작업 실행 또는 하나의 테이블 이름으로 제한할 수 있습니다.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[],[],null,["# Query Sensitive Data Protection findings in BigQuery\n\nThis page provides example queries that you can use to analyze\nSensitive Data Protection findings that were exported to\nBigQuery.\n\nYou can [configure an inspection job or job\ntrigger](/sensitive-data-protection/docs/creating-job-triggers) to save the findings to\nBigQuery. Doing so lets you query the findings for further\nanalysis. When your findings are exported to BigQuery, the data\nis written to either a new or existing table.\n\nFor more information about all the actions that Sensitive Data Protection can\nperform after inspection, see the [Actions](/sensitive-data-protection/docs/concepts-actions) conceptual topic.\n\nFor more information about running queries, see the following:\n\n- [Run interactive and batch query jobs](/bigquery/docs/running-queries)\n- [Using the `bq` command-line tool](/bigquery/docs/bq-command-line-tool)\n\nColumns of the BigQuery table\n-----------------------------\n\nThe columns of the table of exported findings are based on the attributes of the\n[`Finding`](/sensitive-data-protection/docs/reference/rpc/google.privacy.dlp.v2#finding) object.\n\nLink results back to the rows containing the findings\n-----------------------------------------------------\n\nIf you are [configuring inspection of a BigQuery\ntable](/sensitive-data-protection/docs/inspecting-storage#inspect_a_table), you can set up the job or\njob trigger such that the exported findings will contain the row's identifiers.\nDoing so lets you link the inspection findings back to the rows that contain\nthem.\n\nIn the inspection job or job trigger, set the following fields to the names\nof the columns that uniquely identify each row in the table---that is,\nthe columns that serve the purpose of a primary key:\n\n- If you're using the Google Cloud console, set the **Identifying fields (comma\n separated)** field.\n- If you're using the DLP API, set the [`identifyingFields`](/sensitive-data-protection/docs/reference/rest/v2/InspectJobConfig#BigQueryOptions.FIELDS.identifying_fields) property.\n\nWhen the inspection is done and the findings are exported to\nBigQuery, each finding will contain the corresponding values of\nthe columns that you specified. Those values will be in the\n`location.content_locations.record_location.record_key.id_values` field. You can\nthen use those values to link the finding back to the specific row in the\ninspected BigQuery table.\n| **Note:** The [`rowIndex`](/sensitive-data-protection/docs/reference/rest/v2/InspectResult#tablelocation) property is not intended for use in BigQuery inspection jobs.\n\nSample queries\n--------------\n\nYou can use the following sample queries to analyze your findings. You can\nalso use the queries in a visualization tool such as\n[Looker Studio](https://www.google.com/analytics/data-studio/). These\nqueries are provided to help you get started querying your findings data.\n\nIn each of the following queries, replace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the project identifier\n- \u003cvar translate=\"no\"\u003eDATASET\u003c/var\u003e: the BigQuery dataset name\n- \u003cvar translate=\"no\"\u003eTABLE_ID\u003c/var\u003e: the table ID\n\n### Select the count of each infoType\n\n### Google Cloud console\n\n```sql\nSELECT info_type.name,\nCOUNT(info_type.name) AS count\nFROM `PROJECT_ID.DATASET.TABLE_ID`\nGROUP BY info_type.name\nORDER BY count DESC;\n```\n\n### Command-line\n\n```bash\nbq query --use_legacy_sql=false ' SELECT info_type.name,\nCOUNT(info_type.name) AS count\nFROM `\u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e.\u003cvar translate=\"no\"\u003eDATASET\u003c/var\u003e.\u003cvar translate=\"no\"\u003eTABLE_ID\u003c/var\u003e`\nGROUP BY info_type.name ORDER BY count DESC;'\n```\n\n### Select the count of each infoType by day\n\n### Google Cloud console\n\n```sql\nSELECT info_type.name, cast(TIMESTAMP_SECONDS(create_time.seconds) as date) as day,\nCOUNT(locations.container_name) AS count\nFROM `PROJECT_ID.DATASET.TABLE_ID`,\nUNNEST(location.content_locations) AS locations\nGROUP BY info_type.name, day\nORDER BY count DESC;\n```\n\n### Command-line\n\n```bash\nbq query --use_legacy_sql=false ' SELECT info_type.name,\ncast(TIMESTAMP_SECONDS(create_time.seconds) as date) as day,\nCOUNT(locations.container_name) AS count FROM `\u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e.\u003cvar translate=\"no\"\u003eDATASET\u003c/var\u003e.\u003cvar translate=\"no\"\u003eTABLE_ID\u003c/var\u003e`,\nUNNEST(location.content_locations) AS locations\nGROUP BY info_type.name, day ORDER BY count DESC;'\n```\n\n### Selects the count of each infoType in each container\n\n### Google Cloud console\n\n```sql\nSELECT info_type.name, locations.container_name,\nCOUNT(locations.container_name) AS count\nFROM `PROJECT_ID.DATASET.TABLE_ID`,\nUNNEST(location.content_locations) AS locations\nGROUP BY locations.container_name, info_type.name\nORDER BY count DESC;\n```\n\n### Command-line\n\n```bash\nbq query --use_legacy_sql=false ' SELECT info_type.name, locations.container_name,\nCOUNT(locations.container_name) AS count FROM `\u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e.\u003cvar translate=\"no\"\u003eDATASET\u003c/var\u003e.\u003cvar translate=\"no\"\u003eTABLE_ID\u003c/var\u003e`,\nUNNEST(location.content_locations) AS locations\nGROUP BY locations.container_name,info_type.name ORDER BY count DESC;'\n```\n\n### Selects the finding types found for each column of a table\n\nThis query will group all the findings by column name and is intended to work on\nfindings from a BigQuery inspection job. This query is useful if\nyou are trying to identify the likely types for a given column. You can adjust\nsettings by modifying the WHERE and HAVING clauses. For example, if multiple\ntable results are included in your findings table, you can limit these to just\none job run or one table name. \n\n### Google Cloud console\n\n```sql\nSELECT\n table_counts.field_name,\n STRING_AGG( CONCAT(\" \",table_counts.name,\" [count: \",CAST(table_counts.count_total AS String),\"]\")\n ORDER BY\n table_counts.count_total DESC) AS infoTypes\nFROM (\n SELECT\n locations.record_location.field_id.name AS field_name,\n info_type.name,\n COUNT(*) AS count_total\n FROM\n `PROJECT_ID.DATASET.TABLE_ID`,\n UNNEST(location.content_locations) AS locations\n WHERE\n (likelihood = 'LIKELY'\n OR likelihood = 'VERY_LIKELY'\n OR likelihood = 'POSSIBLE')\n GROUP BY\n locations.record_location.field_id.name,\n info_type.name\n HAVING\n count_total\u003e200 ) AS table_counts\nGROUP BY\n table_counts.field_name\nORDER BY\n table_counts.field_name\n```\n\nThe above query might produce a result like this for a sample table, where\nthe infoTypes column tells us how many instances of each infoType was found\nfor that given column."]]
