Scanning

Scanning process and statuses

To review Scans and their status go to Data Sources in the Administration drop-down.

The scanning process discovers and analyzes files across all configured data sources. It operates in three steps:

Discovery

  • The system searches through all files and folders.
    • If a specific path has not been set, the entire Data Source will be scanned.
    • Metadata (path, size, format, etc.) and permissions are extracted and recorded for each file.
  • This step ensures that every file and folder is identified and that access permissions are understood.
The scan discovery process can have the following statuses, reflecting its progress:
  • Not Started: Data Source has been added but the scan has not started.
  • Queued: Scan has been put into the queue for the execution.
  • Failed To Start: Scan unable to start, usually due to issues with permissions or network.
  • In Progress: Scan is actively running and processing data discovery.
  • Cancelled: Scan was manually stopped or automatically aborted.
  • Incomplete: Scan is partially completed but permissions to files were changed during scan.
  • Completed: Scan has successfully finished Discovery phase.

These statuses can be seen in the Last Scan Status column.

Metadata classification

This is the continuation of the Discovery process where:
  • Metadata information is processed for each file that has been collected as part of the Discovery step.
  • A detailed analysis of each file's metadata is performed.

Content Classification

  • Permissions are analyzed and the shared level is identified.
  • A detailed analysis of each file's content is performed.
  • Content is extracted and the sensitivity level and risk of each file is determined for classification.
    • This is determined by the Patterns/Detector setting and the AI Mesh
  • This ensures that sensitive information is properly identified and protected.

Trustee Scan

This is a scan to determine the Users and Groups present in a Data Source.
  • Metadata is extracted for each user, with specific fields depending on the data source. Some of the fields that will be picked up by the scan include Enabled, Last Login, Last Modified, etc.
The statuses for these scans are the same as for files but there are two additional ones.
  • Completed Only Users: The scan has been completed only for user-specific policies.
  • Completed Only Groups: The scan has been completed only for group-specific policies.

To see additional information on a running or completed scan click on the Scan Analytics Icon.

This will pop out the Analytics sidebar where there is information such as scan duration, how many files have been scanned, classification insights, etc.