Enterprise Search

Accessing the Enterprise Search page

By default, the Enterprise Search page gives a listing of all the files that were scanned and cataloged. By utilizing the GetVisibility Query Language (GQL), you can filter this data to focus on a more manageable subset. This allows you to narrow your search, making it easier to analyze and take appropriate action.

The Enterprise Search page also enables you to access recently used filters, save frequently used filters as bookmarks, and customize the column headings to create more meaningful reports.

From the left navigation under Dashboard select the Enterprise Search section.

Filtering Data

Click on the Add Filter button, to chose from multiple available filters:

Advanced Filtering using GQL

You can also write advanced filters using GQL Query. An example is shown below. For more details refer to GQL.

Reset Filters

You can reset the filters using the Reset button.

Exporting Data

  • Use the EXPORT button to create a CSV or JSON download of the filtered data.

Column Selection

You can select columns to display details by selecting the specific column from the Column Configuration menu. Open the Column Configuration by clicking the wheel icon as shown below:

The Column Configuration menu also captures details on the purpose of each column.

View Trends

You can further view the classification trends by clicking the icon. An example, is shown below:

Menu Options on the hamburger menu

Under the hamburger menu, you can see the following menu options:

Edit Classification To adjust the machine learning classification of a file, click on the option Manually verify classification option from the hamburger menu. This opens the following window where you can modify the classification suggested by ML manually. After modifying the classification click SAVE.
Send to classification pipeline Send file(s) for re-classification. That is, it will fetch the content of the file(s), run pattern matching, detectors, DLP policies (if enabled and) and AI classification, and as a result of it the classification, compliance tags, data attributes, detectors, DLP Rule Name, patterns, sensitive, critical other attributes will be updated.
  1. Select the specific file from the list. On the hamburger menu select the option Send to classification pipeline. Select Apply on the dialog at the bottom left.

  2. The message that Files were sent to classification appears.
View Access Rights A detailed list will appear showing the Security Identifier (SID), the display name associated with that SID, the organizational unit, domain, and the specific permissions granted.
Revoke Permissions Select and revoke specific user permissions previously allotted:
File Audit Log This functionality allows to see the details on the scanning process for a specific file. For instance, if specific file wasn’t successfully classified, then we can see what was happened with this file during the scanning: what pipeline stages were successfully passed, at which stage the file was filtered out and at which stage of classification the error occurred. See the screen shots below.

Click on the File Audit Log option. It opens the details for each scan where a file was processed. Specifically what stages of the pipeline were passed successfully (CATALOGUE_FINISHED, DISCOVERY_COMPLETED) and at which stage an error happened and as a result file was FILTERED_OUT from further classification.

Following is an explanation of each stage in the classification pipeline:

CLASSIFICATION_PIPELINE Shows if the content of the entity (file) was classified with content inspection of detectors, regular expressions, AI/ML and DLP. Available status are:
  • CLASSIFICATION_STARTED: Beginning of classification with detectors, regular expressions, AI/ML, and DLP
  • CLASSIFICATION_FINISHED: End of classification with detectors, regular expressions, AI/ML, and DLP
  • FILTERED_OUT: Filtering out files, which cannot be classified .
  • ERROR_IN_PROCESSING: Indicates whether a classification error happened.
SDM (Scan Data Manager) Shows if information has been successfully saved about the entity (file) in the system. Available status are:
  • CLASSIFICATION_STARTED: Beginning of classification persistence.
  • CLASSIFICATION_FINISHED: End of classification persistence.
  • CLASSIFICATION_EDITED: Manual classification override was done by user on the console.
  • MODIFIED_OR_DELETED: Indicates either column was renamed or deleted in the data sources during at least 2 scans (fired because of dropped column only).
Move selected file(s) Select and move specific file to a specified destination folder on a selected data source. An example, is shown below:
  1. Select the specific file from the list. On the hamburger menu select the option Move selected files(s). Select Apply.

  2. Select the connector from the dropdown and the credentials.

  3. Select the destination folder.

  4. Check the box to acknowledge the associated risk.
  5. Click Accept.
File Lineage

File Lineage is the ability to track the complete history of a file which includes information like when it was created, moved, copied, shared etc. You need to have audit logs enabled in advance in the specific data sources.

On the hamburger menu, select File Lineage. An example is shown below:

You can also export the lineage information using the Export to CSV option.
View file content