Veritas Data Insight Administrator's Guide
- Section I. Getting started
- Introduction to Veritas Data Insight administration
- Configuring Data Insight global settings
- Overview of Data Insight licensing
- About scanning and event monitoring
- About filtering certain accounts, IP addresses, and paths
- About archiving data
- About Data Insight integration with Symantec Data Loss Prevention (DLP)
- Configuring advanced analytics
- About open shares
- About bulk assignment of custodians
- Section II. Configuring Data Insight
- Configuring Data Insight product users
- Configuring Data Insight product servers
- About node templates
- About automated alerts for patches and upgrades
- Configuring saved credentials
- Configuring directory service domains
- Configuring containers
- Section III. Configuring native file systems in Data Insight
- Configuring NetApp file server monitoring
- Configuring clustered NetApp file server monitoring
- About configuring secure communication between Data Insight and cluster-mode NetApp devices
- Configuring EMC Celerra or VNX monitoring
- Configuring EMC Isilon monitoring
- Configuring EMC Unity VSA file servers
- Configuring Hitachi NAS file server monitoring
- Configuring Windows File Server monitoring
- Configuring Veritas File System (VxFS) file server monitoring
- Configuring monitoring of a generic device
- Managing file servers
- Adding filers
- Adding shares
- Renaming storage devices
- Configuring NetApp file server monitoring
- Section IV. Configuring SharePoint data sources
- Configuring monitoring of SharePoint web applications
- About the Data Insight web service for SharePoint
- Adding web applications
- Adding site collections
- Configuring monitoring of SharePoint Online accounts
- About SharePoint Online account monitoring
- Adding SharePoint Online accounts
- Adding site collections to SharePoint Online accounts
- Configuring monitoring of SharePoint web applications
- Section V. Configuring cloud data sources
- Section VI. Configuring ECM data sources
- Section VII. Health and monitoring
- Section VIII. Alerts and policies
- Section IX. Remediation
- Section X. Reference
- Appendix A. Backing up and restoring data
- Appendix B. Data Insight health checks
- Appendix C. Command File Reference
- Appendix D. Data Insight jobs
- Appendix E. Troubleshooting
- Troubleshooting FPolicy issues on NetApp devices
About configuring OneDrive monitoring
Data Insight monitors Microsoft OneDrive cloud accounts to provide information about who owns the data, who is performing activity on the data, and what data should it be archived or deleted. OneDrive uses the Open Authorization 2 (OAuth2) protocol to permit access to a third-party application.
Data Insight scans the OneDrive account for metadata such as path of the file or folder, created by, modified by, modified date, and also fetches audit events for the OneDrive user accounts. Note that Data Insight does not fetch permissions for OneDrive accounts.
In the Data Insight configuration, the OneDrive tenant account (your organization's OneDrive account) corresponds to a file server and the individual user accounts correspond to shares on a filer. To scan the OneDrive tenant account and the underlying user accounts, Data Insight uses the access token provided by the OneDrive app. To get the access token from the app, you must provide the credentials of an Office 365 global administrator privileges on the redirect URL page.
Before you configure OneDrive monitoring in Data Insight, complete the following prerequisites:
Table:
Prerequisite | How to |
---|---|
Create an app and register it with Microsoft to enable communication between Data Insight and the OneDrive account. | See Registering Data Insight with Microsoft to enable OneDrive account monitoring. |
Create credentials in Office 365 Admin Center that Data Insight uses to monitor access events on the OneDrive accounts. | Do the following:
|
Enable auditing in Office 365 Admin Center. |
For more information, see https://support.office.com/en-us/article/Turn-off-audit-log-search-in-Office-365. |
Create a role with View-only audit log privilege. These user credentials are used by Data Insight to collect OneDrive audit logs. | Do the following:
|
Grant permissions to Data Insight to scan a user's OneDrive account. | |
The DataInsightOneDrive service is configured and running on the Collector node. This service is responsible for collecting metadata the audit events for OneDrive accounts. | |
If your organization requires internet connections to pass through a proxy server, edit the | Do the following:
|
Configure the proxy server in your LAN settings. | In the Windows Control Panel, click > > . Select and enter the IP of your proxy server.Run the following command to verify if the proxy settings have already been configured: netsh winhttp show proxy If a proxy server is not configured, you must import the settings. To import the proxy settings from Internet Explorer (IE), run the following command: netsh winhttp import proxy source=ie |
Ensure that the following URLs are allowed by your organization's proxy server and firewall settings: | - |
Ensure that the incoming and outgoing traffic is routed through a single IP and port. Usually systems with multiple NICs have mismatch in incoming and outgoing IP/Port used. This is important because the login request response from Microsoft has to be routed through the IP/Port configured in the redirect URL. In this scenario, Data Insight will not be able to fetch any audit data. | Review the commd, sponline, and onedrive logs in the |
The following Data Insight limitations apply when monitoring OneDrive accounts:
The ability to add OneDrive tenant accounts and user accounts in bulk using CSV is not supported.
Data Insight does not fetch permissions for OneDrive accounts. The
> > tab will be disabled for OneDrive paths (share equivalent and folders).For this reason, you will also not be able to select configured OneDrive paths when creating Permissions reports and Entitlement Review workflows.
Scan and audit exclude rules are not supported.
Scan errors are not reported on the Scanning dashboard for OneDrive scan failures. However, the onedrive_connector_service and commd logs will contain information about these errors and exceptions.
You cannot create Data Loss Prevention (DLP) Incident Remediation workflows and the Records Classification workflows for OneDrive paths.
Archive and classify actions for OneDrive paths are not supported.
The pause window in the scan schedule does not apply when scanning cloud data sources. On the Settings > Scan Status page, the ability to pause or cancel an in-progress scan job is not available.
Certain audit events such as folder create, folder modified, and folder copies are not fetched for OneDrive accounts. This limitation is observed because Microsoft Office 365 does not support these event types.
Audit of OneDrive accounts is not supported on Microsoft 2016 because the Powershell version supported by Data Insight is not compatible with the version supported by Microsoft 2016.