Splunk

AWS Bedrock Claude Sensitive Data in Prompts

Last updated 2 days ago on 2026-07-17

About

This detection identifies sensitive data such as social security numbers, passwords, API keys, and credit card numbers being sent in prompts to AWS Bedrock Claude models. Exposure of sensitive data through AI prompts may indicate data loss, credential leakage, or insider threat activity.
Platform
Splunk
Tags
Data Source: SplunkDomain: ApplicationRule Type: QueryOS: Any
Severity
medium
Risk Score
47
References
https://aws.amazon.com/blogs/apn/unlocking-the-power-of-splunk-with-amazon-bedrock-an-agentic-ai-approach-to-build-customized-splunk-assistants-using-bedrock-agents/(external, opens in a new tab or window)https://help.splunk.com/en/splunk-observability-cloud/observability-for-ai/splunk-ai-infrastructure-monitoring/set-up-ai-infrastructure-monitoring/amazon-bedrock(external, opens in a new tab or window)https://research.splunk.com/stories/aws_bedrock_security/(external, opens in a new tab or window)https://docs.aws.amazon.com/bedrock/latest/userguide/model-invocation-logging.html(external, opens in a new tab or window)
False Positives
Some false positives may arise from legitimate user interactions with the AI model that contain sensitive data for testing or demonstration purposes. It is important to review the context of the detected prompts to determine if they represent actual sensitive data exposure or benign usage.
Source
View on GitHub(external, opens in a new tab or window)

Definition

Rule Language
SPL
Rule Type
query
text code block:
`aws_bedrock_claude` | rename "identity.arn" AS user_arn, "input.inputBodyJson.messages{}.content{}.text" AS prompt_mv, "accountId" AS account_id | eval prompt_text = mvjoin(prompt_mv, " || ") | where isnotnull(prompt_text) AND isnotnull(user_arn) | rex field=user_arn "(?:assumed-role/[^/]+|user)/(?<user>[^\"/]+)$" | where match(prompt_text,"\b(AKIA|ASIA|AROA)[0-9A-Z]{16}\b|gh[pousr]_[A-Za-z0-9]{36}|xox[bpars]-[0-9A-Za-z-]{10,72}|sk_live_[0-9A-Za-z]{24,}|sk-(ant-)?[A-Za-z0-9-]{20,}|AIza[0-9A-Za-z_-]{35}|-----BEGIN[ A-Z]*PRIVATE KEY-----") OR match(prompt_text,"(?i)\b(pass(word|wd)?|pwd|secret[_-]?key|access[_-]?key|api[_-]?key|private[_-]?key)\b\s*[:=]\s*[^\s\"']{6,}") OR match(prompt_text,"(?i)\bbearer\s+[A-Za-z0-9._-]{20,}") OR match(prompt_text,"(?i)\b(ssn|social\s*security)\b.{0,20}\d{3}-\d{2}-\d{4}") OR match(prompt_text,"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b") OR match(prompt_text,"\b(4\d{3}|5[1-5]\d{2}|6011)(?:[ -]?\d{4}){3}\b|\b3[47]\d{2}[ -]?\d{6}[ -]?\d{5}\b") | table _time, user, user_arn, account_id, modelId, prompt_text, host | sort - _time | `aws_bedrock_claude_sensitive_data_in_prompts_filter`

View this rule on Splunk

This rule was sourced from the official Splunk public repository. View the original rule on GitHub(external, opens in a new tab or window).