
Configuration

Detection rules, custom patterns, zero-data mode, and action types.

Overview

Grepture configuration lives in your dashboard. Detection rules determine what gets flagged, and actions determine what happens when a rule matches. Everything is managed through the dashboard UI — no configuration files or code changes needed.

Detection rules

Rules define what patterns Grepture looks for in your API traffic. Each rule has conditions (what to match) and actions (what to do).

Regex-based detection (all plans)

High-performance pattern matching that runs in under 1ms. Detects structured data like:

  • PII — emails, phone numbers, SSNs, dates of birth, addresses
  • Secrets — API keys, bearer tokens, database connection strings, OAuth tokens
  • Financial — credit card numbers, bank account numbers, routing numbers
  • Network — IP addresses, MAC addresses, URLs with credentials

The free plan includes 50+ built-in regex patterns. All patterns are open source and auditable. Free plans are limited to 3 rules; Pro and above get unlimited rules.

AI-powered detection (all plans)

All five AI detection actions are available on every plan, including Free. Free users get 25 AI-powered requests per month (shared across all AI action types). Pro and Business plans get unlimited AI usage according to their tier.

The following AI models all run on Grepture infrastructure; no data is sent to external AI services.

AI PII detection (Free: sampling, Pro+: unlimited)

Local AI models that detect unstructured personal data that regex can't catch:

  • Names — first names, last names, full names in natural language
  • Locations — cities, countries, addresses in freeform text
  • Organizations — company names, institutions

Prompt injection detection (Free: sampling, Business+: unlimited)

Detects and blocks adversarial prompt injection attempts before they reach your LLM. Configurable threshold scoring with the option to block or log detections.

Additional AI detection (Free: sampling, Business+: unlimited)

  • Toxicity detection — toxic, obscene, threatening, or hateful content
  • DLP (Data Loss Prevention) — source code, credentials, internal documents, financial data
  • Compliance detection — healthcare, financial, legal, and insurance domain violations

AI sampling (Free plan)

Free users can configure rules with any AI action. The proxy enforces a shared pool of 25 AI requests per calendar month. When the limit is reached, AI actions are silently skipped: the request still goes through, just without AI-powered protection. Track your usage in the dashboard billing settings or via the X-Grepture-AI-Sampling response header.

Actions

When a rule matches, Grepture takes one or more actions. Each rule can have multiple actions configured.

| Action | Description |
| --- | --- |
| Redact PII | Replace matched content with a placeholder (e.g., [REDACTED_EMAIL]), hash, or mask. Supports mask-and-restore mode with TTL for reversible redaction. |
| Block request | Reject the entire request with a configurable status code and message. |
| Find & replace | Regex or literal find-and-replace on request/response content. |
| Redact field | Replace specific JSON fields with a custom value. |
| Tokenize | Replace fields with tokens that can be restored later. |
| Log only | Record the detection without modifying the request. Supports severity levels (info, warn, critical) and custom labels. |

Creating rules

In the dashboard, navigate to Rules and click Create Rule:

  1. Name — a descriptive identifier (e.g., block-credit-cards)
  2. Apply to — where to run the rule: input (request), output (response), or both
  3. Conditions — match criteria using field + operator + value:
    • Fields: header, model, body, url
    • Operators: contains, equals, matches (regex), exists
    • Multiple conditions can be combined with AND or OR logic
  4. Actions — one or more actions to take when conditions match
  5. Sampling rate — percentage of matching requests to apply the rule to (0–100)
  6. Priority — execution order when multiple rules match (drag to reorder in the rules list)
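
To reason about how a rule's direction, conditions, and AND/OR logic combine before enabling it, the following added example models the matching step in Python. It is an illustration written for this page, not Grepture's code or API. The dictionary layout, the operator semantics, and "lower priority number runs first" are assumptions, and the rules and request are constructed samples; sampling rate and actions are left out.

```python
import re

# Operators named in the rule editor; the exact matching semantics here are assumed.
OPERATORS = {
    "contains": lambda actual, value: actual is not None and value in actual,
    "equals": lambda actual, value: actual == value,
    "matches": lambda actual, value: actual is not None and re.search(value, actual) is not None,
    "exists": lambda actual, value: actual is not None,
}

def rule_matches(rule, message, direction):
    """True if the rule applies to this direction and its conditions hold."""
    if rule["apply_to"] not in (direction, "both"):
        return False
    results = [OPERATORS[c["operator"]](message.get(c["field"]), c.get("value"))
               for c in rule["conditions"]]
    return all(results) if rule["logic"] == "AND" else any(results)

def matching_rules(rules, message, direction):
    """Names of matching rules in priority order (assumed: lower number runs first)."""
    hits = [r for r in rules if rule_matches(r, message, direction)]
    return [r["name"] for r in sorted(hits, key=lambda r: r["priority"])]

# Constructed sample rules and request, for illustration only.
RULES = [
    {"name": "log-example-model", "apply_to": "both", "logic": "AND", "priority": 2,
     "conditions": [{"field": "model", "operator": "equals", "value": "example-llm"}]},
    {"name": "block-credit-cards", "apply_to": "input", "logic": "OR", "priority": 1,
     "conditions": [
         {"field": "body", "operator": "matches", "value": r"\b(?:\d[ -]?){13,16}\b"},
         {"field": "url", "operator": "contains", "value": "/payments"}]},
]
REQUEST = {"model": "example-llm", "url": "https://api.example.com/v1/chat",
           "body": "charge card 4111 1111 1111 1111 please"}

if __name__ == "__main__":
    print(matching_rules(RULES, REQUEST, "input"))
    print(matching_rules(RULES, REQUEST, "output"))
```

A rule scoped to input never fires on the response, so a card number echoed back by the model is only covered if the rule applies to output or both.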

Zero-data mode

Enable zero-data mode and Grepture processes every request without persisting any content:

  • Request and response bodies stay in memory only
  • Headers, URLs, and query parameters are never stored
  • Detection rules still fire — PII detection, redaction, blocking all work in-flight
  • Only operational metadata is logged: HTTP method, status code, latency, and rule hits

Toggle zero-data mode in the dashboard on the API settings page. Available on Business plans and above.

Fallback mode

Configure what happens if the Grepture proxy encounters an internal error:

  • Passthrough — forward the raw request to the target API (prioritizes availability)
  • Error — return a 502 error to your application (prioritizes security)

Configure fallback mode on the API settings page in the dashboard.