Suppose your application is throwing an exception that contains some confidential or secret data exposed in the exception message and you don't want to display that information on the Controller.
You could add a block like below in <AgentHomeDir>/ver.x.x.x/conf/app-agent-config.xml
<sensitive-message-filters>
<sensitive-message-filter message-type="throwable"
match-type="CONTAINS"
match-pattern="<Exception Message Static Text>"
redaction-regex="<Regular Expression>"/>
</sensitive-message-filters>
Suppose there is an exception thrown like the one below:
com.TestException("AccountNumber1111111111")
If you don't want to expose the actual account number on the Controller, use below block:
<sensitive-message-filters>
<sensitive-message-filter message-type="throwable"
match-type="CONTAINS"
match-pattern="AccountNumber"
redaction-regex="[0-9]+"/>
</sensitive-message-filters>
Agent restart is required for the changes to take effect. After the changes and restart, this is what it should look like on the Controller:

Attached a sample app-agent-config.xml