Scans Settings

Scans Settings is where you manage your settings for:

  • Scan Item Number and Load

  • Target Preferences

  • Remediation Settings

  • Policy and Application Updates

  • Notifications and Custom Notifications

  • Data Retention

Note: Settings changes are immediate upon entering data into a field. You may wish to retain a copy of the original settings when making updates if you need to revert back to the previous settings.

Expand a section for more information:

To access the Scan Settings screen:

1. From the left menu, click Settings.

2. Click Application Settings.

3. To view sections in the Scans Settings:

a. Click a down arrow to expand a section.

b. Click an up arrow to collapse a section.

To manage Scan Settings:

1. Click the down arrow to expand the section.

2. Fill in the following settings:

c. Minimum Load When Using Distributed Scanning (MB): Type a minimum scans number in megabytes.

d. Minimum Number of Items When Using Distributed Scanning: Type a minimum number of items to use.

e. Maximum Load When Using Distributed Scanning (MB): Type a maximum scans number in megabytes.

f. Maximum Number of Items When Using Distributed Scanning: Type a maximum number of items to use.

Note: If a distributed scan is not completing when run against a very large data set, you will need to set the thresholds to a minimum of 5 MB and a maximum of 10 MB and run the scan again. Please contact your Customer Success Manager if you have any questions.

To manage Agents settings:

1. Click the down arrow to expand the section.

2. Agent Search Progress Update Intervals: Type an interval setting.

3. Keep Agent Activity State History: Select, if applicable.

4. Automatically Merge Agents Based on: Select all applicable:

  • Disable

  • Hostname

  • Mac Address

  • IP Address

  • All

5. Inherit Permissions on Targets from Filter/IP Tags: Select, if applicable.

To manage Remediation settings:

1. Click the down arrow to expand the section.

2. Synchronize Classification Changes With Targets: Select, if applicable.

3. Classification Overlay Shape: Select an option from the drop-down list.

4. Use This Algorithm When Creating File Hashes: Select an option from the drop-down list.

5. Linux Quarantine File Path: Type the Linux location to quarantine the files.

6. Mac Quarantine File Path: Type the Mac location to quarantine the files.

7. Windows Quarantine File Path: Type the Microsoft windows location to quarantine the files.

8. Leave Behind Warning Text Content: Type a text message that displays on files specifying the reason of quarantine.

9. Redact Character Replacement: Type the character you want to use instead of the actual text for redacted information.

10. Redact all but Last 4: Select, if applicable.

Note: The format of a default quarantine location is <path>, <admin account> where path is useraccount@domain.com of a cloud location and admin account (optional) is the administrative account to quarantine files. For example, Google Drive quarantine file path can be john.doe@spirion.com/Quarantine.

Note: Global quarantine configurations for cloud locations are mostly done with the admin accounts. Also, global configurations can be overridden by Playbook quarantine locations.

11. Amazon S3 Quarantine File Path:Type the Amazon S3 location to quarantine the files.

12. Box Folder Quarantine File Path: Type one or more box locations to quarantine the files.

13. Dropbox Quarantine File Path: Type one or more dropbox locations to quarantine the files.

14. Azure Blob Quarantine File PathType the Azure Blob location to quarantine the files.

15. Microsoft One Drive Quarantine File Path: Type one or more Microsoft One Drive locations to quarantine the files.

16. Google Drive Quarantine File Path: Type the Google Drive location to quarantine the files.

17. SharePoint Quarantine File Path: Type the SharePoint location to quarantine the files.

18. Bitbucket Quarantine File Path: Type the Bitbucket location to quarantine the files.

19. In the Manage Protection (Authenticated) section, do the following:

a. Click Manage.

b. In the Manage Protection pop-up window, fill in the following:

1) Admin User Account Name: Type your admin user account name and click Authenticate.

2) Authentication Code: Type your authentication code provided from the authentication above in the box.

3) Click Save to save or Cancel to discard.

If you enter value in any of the optional fields, it is mandatory to add values in the other optional fields as well.

20. In the Manage Label (Authenticated) section, do the following:

a. Click Manage.

b. In the Manage Label pop-up window, fill in the following:

1) Admin User Account Name: Type your admin user account name and click Authenticate.

2) Authentication Code: Type your authentication code provided from the authentication above in the box.

3) Click Save to save or Cancel to discard.

To manage Updates settings:

1. Click the down arrow to expand the section.

2. Check This URL for Policy Definitions Updates: Type the URL that hosts your Policy Definitions.

3. Automatically Check for Updates When Resources Page is Loaded for the First Time: Select, if applicable.

4. Check This URL for Application Updates: Type the URL that hosts your Application Updates.

To manage Notifications settings:

1. On the left of the Notifications row, click the down arrow to expand the section.

2. In the Purge Notifications section, select an option from the Purge Dismissed Notification After drop-down list.

3. In the Custom Notification section, you can manage existing custom notifications or create new ones.

To manage a Custom Notification:

1. Locate a template in the list.

2. Use the toggle to change the deployed status.

3. To manage a template, click the more options menu.

4. Click Manage.

5. In the Manage Custom Notification pop-up window, make needed changes.

6. Click Update to save updates, Cancel to discard updates, or Delete to delete the template.

Note: If you click Delete button, it will immediately delete the template and there is no undo feature.

To create a New Template:

1. In the Custom Notifications section, click New Template.

2. In the Create Custom Notification pop-up window, fill in the following:

a. Name: Type the template name.

b. Subject: Type a description of the template subject.

c. Active: Use the toggle to change the Active status.

3. Body: Use the text editor to compose the body of the template. Use the toolbar to format the text and paragraphs, and to insert code and variables as needed.

4. Click Save to save the template or Cancel to discard.

To manage your Data Retention settings, fill in the following:

1. Audit Data Retention: Use numeric updown control to set the number of years to retain data. A minimum of five years is required.

2. Gather Data Retention: Use the numeric updown control to set the number of days to gather data. This number must be between 1 and 30 days.

3. Scan Results Retention: Use the numeric updown control to set the number months to retain scan results. This number must be between 1 and 12 months.

4. Event History - Watcher: Use the numeric updown control to set the number months for the Watcher Event History, if applicable.

5. Activity History: Use the numeric updown control to set the number to set the number of months in the Incident History. A minimum of 12 months is required.