Create a New Sensitive Data Scan

 

Overview

What is a Sensitive Data Scan?

  • Scans are the searches that agents perform on endpoints (targets) to find either the file locations (Discovery Scan) or find specific data types (Sensitive Data Scan) within the files and folders

  • Sensitive Data Scans enable you to search for specific data types (social security numbers, telephone numbers, etc) within files and folders at different locations (and take actions on them based on the playbook rule defined for them)

A playbook is a set of rules used to define the action(s) taken when implementing a scan.
For example, a playbook action may be to refer specific data found by a scan to a specific department for review and remediation.

Create a new Sensitive Data Scan

From the Dashboard, navigate to Scans > All Scans.

To create a new Sensitive Data Scan:

1. In the top-right corner of the All Scans screen, click the Add Scan button.

2. On the next screen, fill in the Name and Description. The Description is optional.

 

3. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

4. On the Select what type of scan to create screen, click Sensitive Data Scan. Select Next.

5. On the Select a Playbook to apply to the scan screen, choose a Playbook from the list.

a. If the playbook you want is not listed, you can use the Search box to search for it.

b. To search for a specific Playbook, type the name of the Playbook in the search box and then select the search icon.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Select the target type to scan, choose a Target type.

 

8. Expand each of these sections for more information on Target types.

Create a Cloud Scan

1. Click the Cloud tile.

2. On the Select which cloud service to scan screen, select and click a cloud platform tile:

  • Dropbox
  • Google Drive
  • box
  • OneDrive for Business
  • amazon S3

3. Select the service and the Select the agent(s) to perform the scan screen opens.

4. From the All On-Prem Agents list, choose the agent(s) you want to use.

a. To expand a section, click the chevron (>) icon.

b. To select an agent, click the arrow next to the agent name. This moves the agent over to the Selected On-Prem Agents field.

c. To check the version of an agent, hover your mouse over the information icon to determine the version of the Agent.

Note:Agent 13, Agent 13.1, Agent 13.2, and Legacy Agents cannot be combined. If you select more than one version of the agents, you get an error message and are prompted to reselect your agents.



d. To remove an agent from the Selected On-Prem Agents field, click the arrow next to an agent name in that field.

5. On the Select Targets(s) to Scan screen, select one or more targets to scan.

1) Expand the section and add a target.

2) To add a target, click the arrow next to its name and move it to the Selected Targets field.

3) To remove a target from the Selected Targets section, click the arrow next to the target name and move it back to the All Targets field.

Note: To create a new Target, see Working with Assets and Targets.

.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Select Which User Accounts Would You Like to Scan screen:

Note: Your cloud source brand is reflected on this screen. However, the screen does not display for amazon S3 cloud services.

  • Search: To search for a User Account, type the name in the box and click the Search icon or click Enter.

  • Input the User Account to add and press Enter: Type the user account name and click Enter.

  • Upload Account List: To upload a list of accounts from your local computer, click the upload icon and locate the file on your local computer.

8. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. On the Select File Type Scan Options screen, select options.

These options are described in Scan Options.

10. If applicable, click the Advanced Optionsbutton in the top right corner of the screen to add additional options. Then click the Basic Options button to return.

11. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

12. On the Select file type scan options - Advanced Options screen, select options.

These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

13. On the Select advanced options screen, select from the Advanced Options.

These options are described and detailed in Scan Options.

14. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

15. On the Select Discovery Team settings screen, select from these options:

Note: This screen only displays when multiple On-Prem agents are selected.

e. Agent 13.0+: Ensure these ports are open.

  • Port 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL. other agents involved in the same scan to the Discovery Agent.

NOTE: This communication is for reading and writing information to the message queue.

  • Port 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This is for the Message Queue Management Interface and API.

f. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This is for the Message Queue Management Interface and API.

g. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

h. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) Click Configure Agent IP's.

2) In the Add New IP Address window, type the new IP address and click the plus (+) icon.

3) Hover over the new IP address options menu and click Make Default.

4) Click Save to apply or Cancel to discard.

i. For Agent 13.0 and legacy Agents, use these options.

1) These options are described and detailed in Scan Options.

16. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

17. The next screen is Select the scan schedule. Click on Select Date and Time to see how to set the date, time, and /or recurrence for a scan.

18. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

19. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • I'll Manually Check My Scans Results

  • Send An Email Notification

j. Select a user from the drop-down list. Type an email address in the entry field and click Enter.

k. To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

20. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

21. On the Summary screen, select the chevron (>) to open and review your scan settings.

22. Use a edit icon link to jump to a specific screen to edit a setting.

23. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

Create a Files & Folders Scan

1. Click the Files & Folder tile.

2. Click a target type. For this example select Local Target.

1. On the Select the target(s) to scan screen, click the chevron (>) next to one of the listed targets to expand the list in the All Targets section.

a. To add a target from the All Targets to the Selected Targets field, click the arrow next to the target.

b. To move a target from theSelected Targets to the All Targets field, click the arrow next to the target.

Note: Agent 13, Agent 13.1, Agent 13.2, and Legacy Agents cannot be combined. If you select more than one version of the targets, you will get an error message and be prompted to reselect your targets.



2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select the search location type screen, select a location type:

  • 4. Full Computer Scan

  • Logged in User's Directory

  • Cloud Storage Folders

  • All Removable Drives

  • Custom Folder List

5. Expand a section for more information.

Select one:

1. For this example, select Full Computer Scan.

1. On the Select file type scan options screen choose from the displayed Basic Options.

1.

a. These options are described in Scan Options.

2. If applicable, click Advanced Options button in the upper, right corner of the screen. Click the button again to return to the Basic Options screen.

3. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

On the Select file type scan options - Advanced Options screen, choose from the displayed Advanced Options.

4. These options are described and detailed in Scan Options.

5. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

6. On the Scan email and compressed files? screen, choose from the displayed options.

7.

b. These options are described and detailed in Scan Options.

8. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. On the Select Exchange / Outlook options screen, the available options are displayed.

10.

a. These options are described and detailed in Scan Options.

11. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

12. The Select advanced options screen, provides additional advanced options.

b. These options are described and detailed in Scan Options.

13. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

14. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence for a scan, see Select Date and Time.

15. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

16. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • a. I'll Manually Check My Scans Results

  • b. Send An Email Notification

1)

1) Select a user from the drop-down list. Type an email address in the entry field and click Enter.

2) To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

17. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

18. On the Summary screen, select the chevron (>) to open and review your scan settings.

19.

20. Use the edit icon links to jump to a specific screen to edit a setting.

21.

22. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. On the Select which custom folders to add screen, enter the folders to include or exclude.

1.

a. Include: Type the folder(s) to include, one per line.

b. Exclude: Type the folder(s) to exclude, one per line.

Note: You must include or exclude at least one folder.

c. Import Custom Folders: Upload a .csv file of custom folder types.

1) Click Import Custom Folders. Navigate to the .csv folder to import from your computer.

2) In the Import CSV window, select:

  • Include

  • Exclude

  • By Flag (includes & excludes)

3) Click Import to import the file or Cancel to discard.

2. In the upper, right corner of the screen, click Advanced Options button. You can click the button again to go back to the previous screen.

3. The Add Custom Folders - Advanced Options screen opens. Additional options are displayed.

These options are described and detailed in Scan Options.

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

a. The Select file type scan options screen displays Basic Options. You can also click the Advanced Option button in the top, right corner of the screen to access those options.

b.

These options are described and detailed in Scan Options.

c. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

d. From the Basic Options screen select the Advanced Options button and the Select file type scan options - Advanced Options screen opens and displays additional options. You can select the button again to return to the Basic Options screen.

e.

These options are described and detailed in Scan Options.

5. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

6. On the Scan email and compressed files? screen, select from the displayed options.

7.

a. These options are described and detailed in Scan Options.

b. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

8. On the Select Exchange / Outlook options screen, select from the displayed options.

9.

c. These options are described and detailed in Scan Options.

10. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. On the Select advanced options screen, choose from the additional options.

12.

These options are described and detailed in Scan Options.

13. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

14. The next screen is Select the scan schedule. Click on to see Select Date and Time how to set the date, time, and / or recurrence for a scan.

15. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

16. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • a. I'll Manually Check My Scans Results

  • b. Send An Email Notification

1)

1) Select a user from the drop-down list and / or type an email address in the entry field and click Enter.

2) To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

17. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

18. On the Summary screen, select the chevron (>) to open and review your scan settings.

19.

20. Use th edit icon link to jump to a specific screen to edit a setting.

21.

22. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. On the Select a cloud storage folder to scan screen, select a cloud storage type to scan:

  • Dropbox

  • Google Drive

  • box

  • OneDrive for Business

  • amazon S3

2. On the Select file type scan options screen, Basic Options display.

3.

These options are described and detailed in Scan Options.

4. If applicable, click the Advanced Options button to add additional options or click the Basic Options button to return to the previous screen.

5.

These options are described and detailed in Scan Options.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Scan email and compressed files? screen, select from the displayed options.

8.

These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. On the Select Exchange / Outlook options screen, select from the displayed options.

These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

10. On the Select advanced options screen, additional options display.

11.

c. These options are described and detailed in Scan Options.

12. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

13. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

14. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

15. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • d. I'll Manually Check My Scans Results

  • e. Send An Email Notification

1)

1) Select a user from the drop-down list or type an email address in the entry field and click Enter.

2) To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

16. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

17. On the Summary screen, select the chevron (>) to open and review your scan settings.

18.

19. Use the edit icon link to jump to a specific screen to edit a setting.

20.

21. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

After selecting the Files & Folders tile, select the Remote Target target type.

The next screen is the Select the agent(s) to perform the scan screen. Select from the All On-Prem Agents list. To expand the list, select the chevron (>) next to the entry.

1.

1. To add an agent to the Selected On-Prem Agents list, click the arrow next to the agent name.

Note: Agent 13, Agent 13.1, Agent 13.2, and Legacy Agents cannot be combined. If you select more than one version of the agents, you will get an error message and be prompted to reselect your agents.



2. To move an agent back to the All On-Prem Agents list from the Selected On-Prem Agents list, click the arrow next to the agent name.

3. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

4. On the Select target(s) to scan screen, select a target from the All Targets list.

5.

6. Use the chevron(>) to expand the target list.

7.

8. Use the arrow next to the target name to move the target to the Selected Targets list. Select the arrow next to the target name to move it from the Selected Targets list back to the All Targets list.

9. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

10. On the Select the search location type screen, choose one. Expand a each section for more information.

1. This example uses the Full Computer Scan location type.

1. On the Select file type scan options screen, select from the options list.

1.

2. These options are described and detailed in Scan Options.

3. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

4. Click the Advanced Optionsbutton in the upper, right corner and the Select file type scan options - Advanced Options screen opens. To return to the Basic Options view, click the button again.

5.

f. These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

6. On the Select advanced options screen, select from additional options.

7.

g. These options are described and detailed in Scan Options.

h. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

8. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence for a scan, see Select Date and Time.

9. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

10. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • i. I'll Manually Check My Scans Results

  • j. Send An Email Notification

k. Select a user from the drop-down list or type an email address in the entry field and click Enter.

l.

3) To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

11. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

12. On the Summary screen, select the chevron (>) to open and review your scan settings.

Use a edit icon link to jump to a specific screen to edit a setting.

13.

14. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. Select the Custom Folder List location type. The Select which customer folders to add screen opens.

1.

a. To include folders, type the name(s) of the folders, one title per line, in the Include field.

b. To exclude folders, type the name(s) of the folders, one title per line, in the Exclude field.

You must include or exclude at least one folder.

c. To import a custom folder list .csv file, click Import Customer Folders button in the upper, right of the screen.

4) The Import CSV window opens.

5) Select:

• Include

• Exclude

• By Flag (includes & excludes)

6) The Select a csv file to import* entry field is required. Once your cursor is in this field, a folder on your computer opens.

7) Enter or locate the folder to use. Click Open. Click the Import button to import the folder or Cancel to discard.

2. You can also click the Advanced Options button on this screen. When selected the Add Custom Folders - Advanced Options screen opens. The button now says Basic Options. To return to the previous screen, click this button again. To continue, select Next.

3.

These options are described and detailed in Scan Options.

a. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

b. The next screen is the Select file type scan options screen.

c.

You can select the Advanced Options button from this page. It opens the Select file type scan options - Advanced Options screen. The button now says Basic Options. Click the button to go back to the previous screen. To continue, select Next.

d.

These options are described and detailed in Scan Options.

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

On the Select advanced options screen are additional options.

These options are described and detailed in Scan Options.

5. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

6. On the Select Discovery Team Settings screen, select settings.

Note: The screen only displays when more than one On-Prem agent is selected.

e. Agent 13.0+: Ensure these ports are open.

  • Port 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This communication is for reading and writing information to the message queue.

  • Port 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This is for the Message Queue Management Interface and API.

f. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

NOTE: This is for the Message Queue Management Interface and API.

g. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

h. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) Click Configure Agent IP's.

2) In the Add New IP Address window, type the new IP address and click the plus icon. Hover over the new IP address more options menu and click Make Default.

3) Click Save to apply or Cancel to discard.

i. For Agent 13.0 and legacy Agents, choose from these options:

1) These options are described and detailed in Scan Options.

7. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

8. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

9. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

10. On the Select who should receive notification of scan completion screen, select how to send email notifications.

  • j. I'll Manually Check My Scans Results

  • k. Send a Notification

1)

1) To add addresses, click the plus (+) icon or type the email addresses in the entry field.

1)

11. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

12. On the Summary screen, select the chevron (>) to open and review your scan settings.

13.

14. Use the edit icon link to jump to a specific screen to edit a setting.

15.

16. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. Click the Email tile.

2. Select an email service provider.

Expand a section for more information.

1. When you select Exchange, the Select the agent(s) to perform the scan screen opens.

Select an agent from the All On-Prem Agents list. To expand the list, select the chevron (>) next to the entry.

a. To move an agent from the All On-Prem Agents list to the Select On-Prem Agents list, use the arrow next to the agent name.

b. To move an agent from the Selected On-Prem Agents list to the All On-Prem Agents list, select the agent you want to return. Click the arrow next to the agent name.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select the target(s) to scan screen, select a target from the All Targets list. To expand a target, click on the chevron (>).

4.

a. To move a target to the Selected Targets list, click the arrow next to the target name.

b. To move a target from Selected Targets to All Targets, click the arrow next to the target name.

5. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

6. On the Scan servers by account list? screen, upload or enter the accounts you want to include in your scan.

7.

8. You can select actions for the Mailbox Accounts:

  • Scan Attachments

  • Scan All Mailboxes

  • Include Dumpster

  • Include Online Archive

If you select no Mailbox Accounts for a target then all Mailbox Accounts are scanned.

For Scan All Mailboxes to be checked, requires that no targets have mailboxes assigned. For Scan All Mailboxes to be unchecked, requires that all targets have mailboxes assigned.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. The next screen is Select file type scan options.

10.

These options are described and detailed in Scan Options.

To select Advanced Options, click the button upper, right of the screen. You can also select the Basic Options button again to return to the previous screen.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. If you click the Advanced Options button, the Select file type scan options - Advanced Options screen opens.

12.

c. These options are described and detailed in Scan Options.

13. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

14. The Select Exchange / Outlook options screen, displays options specific to Exchange and Outlook.

15.

a. These options are described and detailed in Scan Options.

16. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

17. The Select advanced options screen opens.

18.

2) These options are described and detailed in Scan Options.

19. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

20. On the Select Discovery Team settings screen, select settings.

Note: The screen only displays when multiple On-prem agents are selected.

b. Agent 13.0+: Ensure these ports are open.

  • Port 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Port 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

c. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use the following settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

d. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

e. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

  • Click Configure Agent IP's.

  • In the Add New IP Address box, type the new IP address and click the plus icon.

  • Hover over the new IP address more options menu and click Make Default.

  • Click Save to apply or Cancel to discard.

f. For Agent 13.0 and legacy Agents, choose from these options:

1) These options are described and detailed in Scan Options.

21. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

22. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

23. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

24. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • g. I'll Manually Check My Scans Results

  • h. Send a Notification

1)

1) Select a user from the drop-down or type an email address in the entry field and click the plus (+) icon or Enter.

1) To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

25. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

26. On the Summary screen, select the chevron (>) to open and review your scan settings.

27.

28. Use the edit icon link to jump to a specific screen to edit a setting.

29.

30. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

When you select Exchange Online as the email provider to scan, the Select the agent(s) to perform the scan screen opens. Choose the agents you want to use. Click the chevron (>) to expand the list.

a. To add an agent from the All On-Prem Agents list to the Selected On-Prem Agents list, click the arrow next to the agent name.

b. To move an agent from the Selected On-Prem Agents list, click the arrow next to the agent name.

31. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

32. On the Select the target(s) to scan screen, click the chevron (>) to expand the All Targets list.

a. To add the target, click the arrow next to the target name. The target moves to the Selected Targets list. To move the target back to the All Targets list, click the arrow next to the target name.

33. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

34. On the Select accounts to scan screen, check the Scan Attachments checkbox, if applicable. You can also type account names into the entry field and then select Enter.

35.

Note: If you do not specify user accounts, by default, all user accounts are scanned.

a. To upload multiple accounts:

1) Click Upload Account List.

2) From your computer, locate and select the .csv file with the accounts to include. Select Open.

3) The user accounts are displayed in the entry field.

36. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

37. On the Select file type scan options screen, select from these Basic Options. Click the Advanced Options button at the upper right corner of this screen to access additional options. You can toggle back and forth between these screens using this button.

38.

a. These options are described and detailed in Scan Options.

b. When you click the Advanced Options button, the Select file type scan options - Advanced Options screen opens.

c.

1) These options are described and detailed in Scan Options.

d. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

e. The next screen is the Select advanced options.

f. These options are described and detailed in Scan Options.

39. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

40. On the Select Discovery Team settings screen, use the displayed options.

41.

Note: The screen only displays when multiple On-Prem agents are selected.

a. Agent 13.0+: Ensure these ports are open.

  • Port 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

      Note: This communication is for reading and writing information to the message queue.

  • Port 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

b. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

c. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

d. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) In the Add New IP Address box, type the new IP address and click the plus icon.

2) Hover over the new IP address more options menu and click Make Default.

3) Click Save to apply or Cancel to discard.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

Agent 13.0 and legacy Agents: select from these options.

1) These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

42. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

43. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

44. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • I'll Manually Check My Scans Results

  • Send An Email Notification

a.

b. Select a user from the drop-down list or type an email address in the entry field and click Enter.

c. To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

45. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

46. On the Summary screen, select the chevron (>) to open and review your scan settings,

47.

48. Use a edit icon link to jump to a specific screen to edit a setting.

49.

50. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. When you select the email provider Gmail, the Select the agent(s) to perform the scan screen opens. Choose the agents you want to use for your scan. Click the chevron (>) to expand the sections.

a. To add an agent from the All On-Prem Agents list to the Selected On-Prem Agents list, click the arrow next to the agent name.

b. To move the agent from the Selected On-Prem Agents list to the All On-Prem Agents list, click the arrow next to the agent name.

 

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select the target(s) to scan screen click the chevron (>) to expand the target list.

a. To add target(s) from the All Targets list to the Selected Targets list, click the arrow next to the target name.

b. To move a target from the Selected Targets list back to the All Targets list, click the arrow next to the target name..

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

5. On the Select accounts to scan screen, check the box next to Select Scan Attachments.

a. To add user accounts:

  • Type the user account name in the entry field and click Enter.

  • Search for the user account name.

b. To upload multiple accounts, click Upload Account List.

2) Locate and select the .csv file with the accounts on your computer.

3) The user accounts are displayed in the target box.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Select file type scan options screen, the Basic Options display.

8.

a. These options are described and detailed in Scan Options.

9. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

10. From the Basic Options screen, select the Advanced Options button in the upper, right of the screen. Additional options display.

11.

b. These options are described and detailed in Scan Options.

12. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

13. Additional are available on the Select advanced options screen.

14.

c. These options are described and detailed in Scan Options.

15. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

16. On the Select Discovery Team settings screen, based on your Agent version, use these settings.

Note: The screen only displays when multiple On-Prem agents are selected.

d. Agent 13.0+: Ensure these ports are open.

  • Port 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Port 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

e. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use the following settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

f. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

a. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) In the Add New IP Address box, type the new IP address and click the plus icon.

2) Hover over the new IP address more options menu and click Make Default.

3) Click Save to apply or Cancel to discard.

a. Agent 13.0 and legacy Agents: Select from these options.

1) These options are described and detailed in Scan Options

17. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

18. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

19. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

20. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • b. I'll Manually Check My Scans Results

  • c. Send a Notification

1)

1) Select a user from the drop-down list or type an email address in the entry field and click Enter.

2) To additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

21. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

22. On the Summary screen, select the chevron (>) to open and review your scan settings.

23.

24. Use the edit icon link to jump to a specific screen to edit a setting.

25.

26. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

Create a Collaboration Tools Scan

1. Click the Collaboration Tools tile.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select the collaboration tool to scan screen, select:

  • SharePoint | SharePoint Online

  • Bitbucket

4. Expand a section for more information.

1. After selecting the collaboration tool SharePoint, the Select the agent(s) to perform the scan screen opens. Choose the agents you want to use for your scan. Click the chevron (>) to expand the sections.

a. To add an agent from the All On-Prem Agents list to the Selected On-Prem Agents list, click the arrow next to the agent name.

b. To move an agent from the Selected On-Prem Agents list back to the All On-Prem Agents list, click the arrow next to the agent name.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select the target(s) to scan screen click the chevron (>) to expand the target list.

a. To add target(s) from the All Targets list to the Selected Targets list, click the arrow next to the target name.

b. To add a target from the Selected Targets list back to the All Targets list, click the arrow next to the target name.

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

5. On the Select SharePoint options screen, select all applicable:

6.

Select the types to search within SharePoint sites.

Specify the search types to include or exclude when searching SharePoint sites. By default, searching of all file types in the SharePoint document library is enabled. Alternately, searches can be enabled for tasks, calendar events, or contacts that have been synchronized with Outlook or input into SharePoint.

When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values. When created in the Windows Registry, they are of type REG_DWORD. When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values. When entered into a security template (.inf) file, they should be entered in decimal.

Name Value Default
Documents/Files 0x00000001 On
Tasks 0x00000002 Off
Calendar 0x00000004 Off
Contacts 0x00000008 Off
Item 0x00000010 Off

7. Click Advanced Options button for more options.

8. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. On the Select advanced SharePoint options, select the settings to use.

The SSL settings to use when searching SharePoint sites.

Ignore untrusted root: Continue searching if the root certificate of the SSL chain is not currently in the trust store.

Ignore invalid date: Continue searching if the SSL certificate for the URL has an invalid or expired date.

Ignore mismatched CN: Continue searching if the domain name on the SSL certificate does not match the URL configuration.

Ignore incorrect usage: Continue searching if the SSL certificate is intended for a purpose other than verifying the identity of the sender and encrypting server communications.

When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values. When created in the Windows Registry, they are of type REG_DWORD. When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values. When entered into a security template (.inf) file, they should be entered in decimal.

Name Value Default

Ignore untrusted root

 0x00000001 False

Ignore invalid date

 0x00000002 False

Ignore mismatched CN

 0x00000004 False
     

10. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. On the Select file type scan options - Advanced Options, select the options you need.

12.

c. These options are described and detailed in Scan Options.

d. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

13. On the Select advanced options screen, choose from the additional options.

14.

a. These options are described and detailed in Scan Options.

b. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

15. On the Select Discovery Team settings screen, choose the applicable options.

Note: The screen only displays when multiple On-Prem agents are selected.

a. Agent 13.1 and above:

3) Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

4) Configure Agent IPs: If your organization requires it, you can set a specific IP address.

  • Click Configure Agent IP's.

  • In the Add New IP Address window, type the new IP address and click the plus icon.

  • Hover over the new IP address more options menu and click Make Default.

  • Click Save to apply or Cancel to discard.

b. For Agent 13.0 and legacy Agents, select from the options displayed.

These options are described and detailed in Scan Options.

16. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

17. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

18. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

19. On the Who should receive notification of scan completion screen, select how to send email notifications.

  • I'll Manually Check My Scans Results

  • Send An Email Notification:

c.

d. Select a user from the drop-down list and / or type an email address in the entry field and click Enter.

e. To add additional addresses, click the plus icon and type the email addresses in the entry field.

20. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

21. On the Summary screen, select the chevron (>) to open and review your scan settings.

22.

23. Use the edit icon link to jump to a specific screen to edit a setting.

24.

25. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. On the Select the agent(s) to perform the scan screen, choose the agents you want to use for your scan. Click the chevron (>) to expand the sections.

a. To add an agent from the All On-Prem Agents list to the Selected On-Prem Agents list, click the arrow next to the agent name.

b. To move an agent from the Selected On-Prem Agents list back to the All On-Prem Agents list, click the arrow next to the agent name.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

1. On the Select the targets(s) to scan screen, choose the targets you want to use for your scan. Click the chevron (>) to expand the sections.

c. To add an target from the All Targets list to the Selected Targets list, click the arrow next to the target name.

a. To add target(s) from the Selected Targets list back to the All Targets list, click the arrow next to the target name.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. On the Select file type scan options screen, select from the displayed options.

These options are described and detailed in Scan Options.

If applicable, click Advanced Options button to view additional options or click the Basic Options button to return to the previous screen.

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

5. On the Select file type scan options - Advanced Options, choose from the options:

6.

b. These options are described and detailed in Scan Options.

7. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

8. On the Select advanced options screen, you can use these additional options.

9.

a. These options are described and detailed in Scan Options.

10. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. On the Select Discovery Team settings screen, fill in the following:

Note: Discovery Team Settings only applies when multiple agents are assigned to a scan at runtime.

a. Agent 13.1 and above:

5) Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

6) Configure Agent IPs: If your organization requires it, you can set a specific IP address.

  • Click Configure Agent IP's.

  • In the Add New IP Address window, type the new IP address and click the plus icon.

  • Hover over the new IP address more options menu and click Make Default.

  • Click Save to apply or Cancel to discard.

b. Agent 13.0 and legacy Agents: Select from the following:

1) These options are described and detailed in Scan Options

12. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

13. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

14. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

15. On the Select who should receive notification of scan completion screen, select how to send email notifications:

  • I'll Manually Check My Scans Results

  • Send An Email Notification

a.

Select a user from the drop-down list or type an email address in the entry field and click Enter.

b. To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.

16. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

17. On the Summary screen, select the chevron (>) to open and review your scan settings.

18.

19. Click the edit icon link in a section and jump to a specific screen to edit a setting.

20.

21. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

Note: To establish the connection required to scan a database target, the relevant driver must be installed on the agent host system

1. Click the Database tile.

2. On the Select which database to search screen, click a database type tile.

3.

  • Oracle

  • SQL Server

  • Sybase

  • IBM DB2

  • Informix

  • InterBase

  • SQLBase

  • SAP SQL Anywhere

  • MySQL

  • SQLite

  • PostgreSQL

  • ODBC

  • OLEDB

  • mongoDB

  • Snowflake

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

5. On the Select the agent(s) to perform the scan screen, expand the chevron (>) next to an agent listing.

a. To select an agent, click the arrow next to the agent name and move the agent from All On-Prem Agents list to the Selected All-Prem Agents list.

b. To move an agent from the Selected On-Prem Agents list back to the All On-Prem Agents list, click the arrow next to the agent name.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Select the target(s) to scan screen, select the chevron (>) to expand the target listing.

a. To select an target, click the arrow next to the target name and move the target from All Targets list to the Selected Targets list.

b. To move target from the Selected Target list back to the All Targets list, click the arrow next to the target name.

8. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

9. The Select SQL Advanced Options screen displays.

Include Primary Key Data - If a database includes a Primary Key column, it is possible to return the data in the cell of the Primary Key column for the row in which a result was found. The data will be displayed in the Preview window along with the list of columns in which the result was found. To include the Primary Key data, set this to "Include Primary Key data" (1).

Do not include Primary Key Data - This is the default setting for Primary Key Data.

Include Primary Key Data - If a database includes a Primary Key column, it is possible to return the data in the cell of the Primary Key column for the row in which a result was found. The data is displayed in the Preview window along with the list of columns in which the result was found. To include the Primary Key data, set this to "Include Primary Key data" (1).

Set Non-Matching cells limit - When searching structured data (files or databases searched via a connection string), the endpoint application will look within a column for data that matches the specified data type. After a specified number of cells in that column are searched without finding any matches, the search will move on to the next column. The counter is started at the first row and continues until the limit is hit or a match is found. If a match is found, all subsequent rows in that column will be searched. To disable this limit and search all cells, use a value of 0.

Exclude Column Types - Specify which column types are excluded when searching databases.

When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values. When created in the Windows Registry, they are of type REG_DWORD. When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values. When entered into a security template (.inf) file, they should be entered in decimal.

Description Value Default
Exclude Integer Types

0x00000001

 Off
Exclude Double Types 0x00000002 Off
Exclude DateTime Types

0x00000004

 Off

Exclude String Types

 0x00000008 Off
Exclude Blob Types 0x00000010 Off
Exclude Cursor Types 0x00000020

Off

Log Level - When searching databases via the Database Search Module, it is desirable to see detailed logging information during configuration or troubleshooting. The logging specified via this setting only applies when logging has been enabled and only specific log entries are displayed if their corresponding log type has been enabled (for example, Info, Error)

The following log levels are available:

0 (Default): Standard logging: Includes basic information such as the name of the table being searched and errors.

1: Additional logging: Standard logging plus information about the status of the search for the current row.

2: Comprehensive logging: Additional logging plus details about each table, column and row.

3: Debug logging: Comprehensive logging plus the actual cell data for each cell searched.

Note: Data from the database is written in clear text to the client log file.

4: Full logging: Data from the database will be written in clear text to the client log file.

Note: Logging beyond the default level, especially the maximum level, creates very large log files and may contain sensitive information.

Row Count Start - Logging (Entry Field) - When the setting Settings\Locations\Databases\LogLevel is set to 1, it is possible to specify a row at which additional, detailed column information can be logged. To enable this logging, specify the row number at which to start. This setting should only be set after consulting with the Support Team.

Row Count Start (Entry Field) - The row number at which to start detailed column logging: When the setting Settings\Locations\Databases\LogLevel is set to 1, it is possible to specify a row at which additional, detailed column information can be logged. To enable this logging, specify the row number at which to start. This setting should only be set after consulting with the Support Team.

Row Count Stop - By default, all rows in a target database is searched. To specify the maximum number of rows to search in each table, set this to a value greater than 0. Once that number of rows have been searched, the search of that table will be stopped and searching resumes with the next appropriate table.

Scan Column Names - By default, all columns in a specified database are searched. To search only specific columns, enter those table names, one per line. The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

Require exact match - By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

Allow partial match - By default, all columns in a specified database are searched. To search only specific columns, enter those table names, one per line. The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

Include/Exclude Columns (check to exclude) - By default, the column names listed in SearchColumnNames must match exactly to be included or excluded from the search. To allow partial matching - for example allowing the value zip (when specified in SearchColumnNames) to match the column ZipCodes, set this to "Allow partial match" (1). By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

Column Names to Include/Exclude(Entry Field) - By default, when SearchColumnNames is used to specify specific column names, only those columns are included in the search. To search all columns except those specified in SearchColumnNames, set this to "Exclude list" (1).

By default, all columns in a specified database are searched. To search only specific columns, enter those table names, one per line. The column name list applies to all databases configured to be searched.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

Scan Table Names - By default, all tables in a specified database are searched. To search only specific tables, enter those table names, one per line. The table name list applies to all databases configured to be searched.

By default, the comparison of table names requires an exact match. To allow a partial match, set TableMatchType.

Require exact match - By default, the comparison of table names requires an exact match. To allow a partial match, set TableMatchType.

Allow partial match - By default, all columns in a specified database are searched. To search only specific columns, enter those table names, one per line. The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

Include/Exclude Tables (Check to exclude) - To use this list as a list of tables to exclude from the search, set SearchTableNamesIsExcludeList.

Table Names to Include/Exclude (Entry Field) - By default, all tables in a specified database are searched. To search only specific tables, enter those table names, one per line. The table name list applies to all databases configured to be searched.

By default, the comparison of table names requires an exact match. To allow a partial match, set TableMatchType.

To use this list as a list of tables to exclude from the search, set SearchTableNamesIsExcludeList.

Scan Table Types - Specify whether tables or views is included when searching databases. When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values. When created in the Windows Registry, they are of type REG_DWORD. When entered into the Windows Registry or a configuration XML file, they need to be entered as hexadecimal values. When entered into a security template (.inf) file, they need to be entered in decimal.

Description Value Default

Include Tables

 0x00000001 On
Include Views 0x00000002 Off

Include Tables

Include Views

Database Preview Length (Entry Field) - To provide context to matches when viewing results on the console, version 10.7 and later of the endpoints and console can send the specified number of characters from before and after the match itself. By default, no characters preceding or following database matches will be sent to the console. The maximum allowed number of characters is 1000 and a value of 0 will disable sending preview information to the console.

Valid values:

0: Disabled (no preview data will be sent to the console)

1-1000: The specified number of characters from before and after the database match will be sent to the console

>1000: Invalid (the value will be set back to the default of 20)

Note: When Console\sendMatch is set to Disable (0), preview information will not be sent to the console.

Database Preview Match Max (Entry Field) -Specify the maximum number of unique keyword matches in a location to consider all of the keyword matches as part of the results for that location. If the number of unique keyword matches exceeds the value of this setting, then the matches will not be included in the results for this location.

This setting is only read if there are keywords configured as part of the custom type search. When using keyword custom type searches, this value can be used in conjunction with the CustomKeywords\minRequired setting to refine the results. The default value of zero (0) specifies that there is no maximum and that all keyword matches should be included in the results. To set a maximum, specify the number in this setting.

Example:

Five unique keywords are configured:

Keyword Names Keyword
KeyName1 Key1
KeyName2 Key2
KeyName3 Key3
KeyName4 Key4
KeyName5 Key5
   

maxAllowed = 3

For a location, "Key1" and "Key2" are matched, those matches are included in the results for the location.

For a location, "Key1","Key2","Key3", and "Key4" are matched, none of those matches are included in the results for the location.

When the mongoDB database is selected to scan, the NoSQL Advanced Options display instead of the Select SQL Advanced Options screen.

Enter these values:

Name Description
Admin Databases

Select one:

  • Include Default Admin Databases
  • Exclude Default Admin Databases
File Attachment Min Size Type the minimum attachment size required.
File Attachment Max Size Type the maximum attachment allowed size.
Record Count Stop Type the record number to stop the scan on.
Record Min Size

Type the minimum record size required.
Record Max Size Type the maximum record size allowed.
Store Min Size Type the minimum storage size required.
Store Max Size Type the maximum storage size allowed.
Database Min Size Type the minimum database size required.
Database Max Size Type the maximum database size allowed.
Database Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All
Store Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All
Label Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All

10. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. On the Select advanced options screen, select the applicable options.

12.

a. These options are described and detailed in Scan Options.

b.  

13. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

14. On the Select Discovery Team settings screen, choose from the displayed options.

Note: Discovery Team Settings only applies when multiple agents are assigned to a scan at runtime.

a. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

b. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

c. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) Click Configure Agent IP's.

2) In the Add New IP Address window, type the new IP address and click the plus icon.

3) Hover over the new IP address more options menu and click Make Default.

4) Click Save to apply or Cancel to discard.

d. For Agent 13.0 and legacy Agents: Choose from these options:

15. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

16. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

17. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

18. On the Select who should receive notification of scan completion screen, select how to send email notifications.

  • I'll Manually Check My Scans Results

  • Send An Email Notification

19.

20. Select a user from the drop-down list or type an email address in the entry field and click Enter.

21. To add additional email addresses, click the plus (+) icon and type the addresses in the entry field.

22. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

23. On the Summary screen, select the chevron (>) next to a section to open and review your scan settings.

24.

25. Use the edit icon link to jump to a specific screen to edit a setting.

26.

27. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

1. Click the Website tile.

2. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

3. When you select the Website tile, the Select the agent(s) to perform the scan screen opens. To select an agent, expand the chevron (>) next to an agent listing.

a. To select an agent, click the arrow next to the agent name and move the agent from All On-Prem Agents list to the Selected All-Prem Agents list.

b. To move an agent from the Selected On-Prem Agents list back to the All On-Prem Agents list, click the arrow next to the agent name.

4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

5. On the Select the target(s) to scan screen, select the chevron (>) to expand the target listing.

a. To select an target, click the arrow next to the target name and move the target from All Targets list to the Selected Targets list.

b. To move target from the Selected Target list back to the All Targets list, click the arrow next to the target name.

6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

7. On the Select website options screen select search parameters.

8.

Search files linked from web pages in the Website search.

To disable the searching of web pages in the Website search, set this value to "False" (0).

  • False

  • True (default)

  • Yes

  • No

9. Click the Advanced Options button if applicable.

10. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

11. On the Website Options - Advanced Options screen, enter values, if applicable:

12.

Enter any URL address to exclude from the Website scan.

Specify the maximum depth to crawl.

By default, the user agent string used by the endpoint application during the Website search is, "Spirion Web Crawler Agent", to set a custom value for the webcrawler, change this value.

Ignore External LinksDefault.

Search externally linked files but do not follow external page links. To disable the searching of files linked from web pages in the Website search, set this value to "False" (0).

Follow External Links.

Only search pages and files in folders that are subfolders of the specified folder(s):

  • Do not restrict (Default)

  • Restrict

When enabled, only web pages and files that are in folders that are subfolders of urls specified in the URL list is is searched. For example, if the url http://www.website.com/folder is specified in the list, the default behavior is to read all of the pages in that folder and follow all of the links (with respect to other settings such as link depth and redirect policy, of course) such as a link to http://www.website.com/folder2/page1.html. When this setting is enabled, links outside of /folder are not followed.

13. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

14. On the Select file type scan options screen are additional Basic Options.

15.

a. These options are described and detailed in Scan Options.

16. Select the Advanced Options button to add additional options.

17. The Select file type scan options - Advanced Options screen displays the advanced options.

18.

b. These options are also described and detailed in Scan Options.

19. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

20. More options appear on Select advanced options screen.

21.

These options are described and detailed in Scan Options.

22. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

23. On the Select Discovery Team settings screen, choose the options to use.

Note: The screen only displays when multiple On-Prem agents are selected.

a.

b. Agent 13.2+: Ensure these ports are open.

  • Ports 5671 & 5672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent.

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This communication is for reading and writing information to the message queue.

  • Ports 15671 & 15672: Use these settings:

    • Open for Inbound TCP communication on the Discovery Agent

    • Open for Outbound TCP communication on ALL other agents involved in the same scan to the Discovery Agent.

Note: This is for the Message Queue Management Interface and API.

c. Discovery Agent: Select an agent from the drop-down list.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

d. Configure Agent IPs: If your organization requires it, you can set a specific IP address.

1) In the Add New IP Address window, type the new IP address and click the plus icon.

2) Hover over the new IP address more options menu and click Make Default.

3) Click Save to apply or Cancel to discard.

Note: Distributed scans use the assigned discovery agent to conduct location discovery and provide a queue for all other agents to be assigned locations for scanning. While the Discovery Agent can be manually chosen, it is recommended that you use the preferred Discovery Agent.

e. Agent 13.0 and legacy Agents: Choose from these option.

These options are described and detailed in Scan Options.

Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

24. The next screen is the Select the scan schedule screen. To set up date, time, and / or recurrence, see Select Date and Time.

25. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

26. On the Select who should receive notification of scan completion screen, select how to send email notifications.

  • I'll Manually Check My Scans Results

  • Send An Email Notification

f.

g. Select a user from the drop-down list or type an email address in the entry field and click Enter.

h. To add additional email addresses, click the plus (+) icon andtype the email addresses in the entry field.

27. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
to discard.

28. On the Summary screen, select the chevron (>) next to a section to open and review your scan settings.

29. Use the edit icon link to jump to a specific screen to edit a setting.

30.

 

31. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.