Live events

Live events page can be used view and filter user actions on files as they happen on data sources where event streaming is configured.

Remediation

Mitigate risk after a user action, for example: if user shared a file publicly, but it was found to be a highly confidential document - public share can be removed using the DSPM.

Navigate to Administration > Live events > Remediation.

Streaming

Filter user actions on files as they happen on data sources where event streaming is configured.

Navigate to Administration > Live events > Streaming.

File Audit Log

Events that occurred during a scan or during endpoint discovery (e.g. file was discovered by endpoint agent, or file was ingested/classified by scanner).

Navigate to Administration > Live events > File Audit Log.

Please define these values:

functionalityName=

    FileClassificationSink

    ClassificationListener

    FileOrConfigurationNotFoundFilter

    ScanCancelledFilter

    FileTypeNotSupportedByContentExtractionFilter

    ContentLengthTooBigToFetchFilter

    CatalogingListener

    MissingRequiredMetadataFilter

    FileClassificationSource

    ExtractionImpossibleFilter

    FilterByUnresolvablePayloadFunction

    IncrementalScanFunction

    KafkaPublisher

    FileAuditLog

    MetadataTaggingSource

    MetadataTaggingSink

    MetadataTaggerFunction

    BatchContentDetectorFunction

    ContentDownloadFailedAfterRetriesFilter

 

moduleName=

    SDM

    CDO

    CLASSIFICATION_PIPELINE

    SM

    CATALOGING_PIPELINE

    METADATA_TAGGING_PIPELINE

Extended Streaming

Detailed, verbose audit logs of user actions (e.g. Opening a file etc).

Navigate to Administration > Live events > Extended Streaming.

Trustee Streaming