The faster organizations adopt AI tools, the faster PII ends up in places it shouldn't be — pasted into prompts, logged by agent frameworks, exported into shared workspaces. Auditing for that exposure means scanning the artifacts those tools leave behind.
This walks through scanning a local directory of audit logs (or any other dump) for PII.
Prerequisites
- The Blue Lantern on-prem toolkit installed.
- Credits allocated (or auto-refresh enabled).
- A local directory you want to scan.
- A scan caps out at 500 credits (~$0.50) regardless of how many files are in scope.
Running the scan
bluelantern --target ./some-directory-to-scan run pii-scanner
Results land in /results in your configured data directory. Run bluelantern ui to browse them at http://localhost:9090/results.
What you'll do with the results
PII findings are a starting point, not an answer. The scanner identifies probable PII — names, emails, identifiers, credit-card-shaped strings, and so on — but classification context (is this customer data? employee data? test fixtures?) lives in your environment, not the scanner. Triage the report against what each directory is supposed to contain.
If you find PII that shouldn't be there, the next steps are usually: rotate any exposed credentials, scrub the source, and figure out how the data got there in the first place.
See our blog posts on other technical topics!
- See how we recommend automating email analysis with our email analyzer tool
- See how you can check if you have any malicious chrome extensions
- Check out scanning your ai skills for malware using Blue Lantern Security
See how we compare to other tools!