Veritas Data Insight User's Guide

Last Published:
Product(s): Data Insight (6.1.2)
  1. Section I. Introduction
    1. Introducing Veritas Data Insight
      1.  
        About Veritas Data Insight
      2.  
        About data custodian
      3.  
        About permissions
      4.  
        About SharePoint permissions
      5.  
        About Box permissions
      6.  
        About audit logs
      7.  
        About migrated domains
      8.  
        Applications for Symantec Data Loss Prevention
      9.  
        Content classification using Veritas Information Classifier
    2. Using the Veritas Data Insight Management Console
      1. About the Veritas Data Insight Management Console
        1.  
          Header
        2.  
          Tabs
        3.  
          Navigation pane
        4.  
          Content pane
      2.  
        Operation icons on the Management Console
      3.  
        Logging in to the Data Insight Management Console
      4.  
        Logging out of the Data Insight Management Console
      5.  
        Accessing online Help
  2. Section II. Data Insight Workspace
    1. Navigating the Workspace tab
      1.  
        About the Data Insight Workspace
      2.  
        Using the Workspace filters
      3.  
        Managing the Workspace
      4.  
        Searching the storage device hierarchy
      5.  
        Searching for users and user groups
    2. Analyzing data using the Workspace views
      1.  
        About information risk
      2.  
        Viewing summary of data sources
      3. Viewing shares summary
        1.  
          About control points
      4.  
        About the risk score for users
      5. About the Risk Dossier
        1.  
          Assessing risky users - an example scenario
      6.  
        Viewing user summary
      7.  
        Viewing details of Watchlist users
      8.  
        Viewing details of alert notifications
    3. Viewing access information for files and folders
      1.  
        About viewing file or folder summary
      2.  
        Viewing the overview of a data source
      3.  
        Managing data custodian for paths
      4.  
        Viewing the summary of user activity on a file or folder
      5. Viewing user activity on files or folders
        1.  
          Assigning an inferred data owner as custodian
        2.  
          Assigning an active user as custodian
        3.  
          Assigning a custodian from the Permissions tab
      6.  
        Viewing file and folder activity
      7.  
        Viewing CIFS permissions on folders
      8.  
        Viewing NFS permissions on folders
      9.  
        Viewing SharePoint permissions for folders
      10.  
        Viewing Box permissions on folders
      11.  
        Viewing audit logs for files and folders
      12. About visualizing collaboration on a share
        1.  
          Analyzing activity on collaborative shares
    4. Viewing access information for users and user groups
      1.  
        Viewing the overview of a user
      2.  
        Viewing the overview of a group
      3.  
        Managing custodian assignments for users
      4.  
        Viewing folder activity by users
      5.  
        Viewing CIFS permissions for users
      6.  
        Viewing CIFS permissions for user groups
      7.  
        Viewing NFS permissions for users and user groups
      8.  
        Viewing SharePoint permissions for users and user groups
      9.  
        Viewing Box permissions for users and user groups
      10.  
        Viewing audit logs for users
  3. Section III. Data Insight reports
    1. Using Data Insight reports
      1.  
        About Data Insight reports
      2.  
        How Data Insight reporting works
      3.  
        Creating a report
      4. About Data Insight security reports
        1.  
          Activity Details report
        2. Permissions reports
          1.  
            Inactive Users
          2.  
            Path Permissions
          3. Permissions Search report
            1.  
              Create Permissions Search report
          4.  
            About Permissions Query templates
          5. Creating a Permissions Query Template
            1.  
              Using the match-type criteria
          6.  
            Creating custom rules
          7. Permissions Query Template actions
            1.  
              Editing or deleting a Permissions Query Template
            2.  
              Copying a Permissions Query Template
            3.  
              About sharing a Permissions Query Template
          8.  
            Using Permissions Search report output to remediate permissions
          9.  
            Entitlement Review
          10.  
            User/Group Permissions
          11.  
            Group Change Impact Analysis
        3. Ownership Reports
          1.  
            Data Custodian Summary
          2.  
            Inferred Owner
          3.  
            Data Inventory Report
      5.  
        Create/Edit security report options
      6.  
        Data Insight limitations for Box permissions
      7. About Data Insight storage reports
        1.  
          Activity Summary reports
        2. Capacity reports
          1.  
            Filer Utilization
          2.  
            Filer Growth Trend
        3. Data Lifecycle reports
          1.  
            Inactive Data by File Group
          2.  
            Inactive Data by Owner
          3.  
            Data Aging
          4.  
            Inactive Folders
        4. Consumption Reports
          1.  
            Potential Duplicate Files
          2.  
            Consumption by Folders
          3.  
            Consumption by Department
          4.  
            Consumption by File Group
          5.  
            Consumption by Owner
          6.  
            Consumption by File Group and Owner
      8.  
        Create/Edit storage report options
      9. About Data Insight custom reports
        1.  
          About DQL query templates
        2.  
          Creating custom templates for DQL queries
        3.  
          Create/Edit DQL report options
      10.  
        Considerations for importing paths using a CSV file
    2. Managing reports
      1.  
        About managing Data Insight reports
      2. Viewing reports
        1.  
          About stale information in reports
      3.  
        Filtering a report
      4.  
        Editing a report
      5.  
        About sharing reports
      6.  
        Copying a report
      7.  
        Running a report
      8.  
        Viewing the progress of a report
      9.  
        Customizing a report output
      10.  
        Configuring a report to generate a truncated output
      11.  
        Sending a report by email
      12.  
        Automatically archiving reports
      13.  
        Canceling a report run
      14.  
        Deleting a report
      15.  
        Considerations for viewing reports
      16.  
        Organizing reports using labels
  4. Section IV. Remediation
    1. Configuring remediation workflows
      1.  
        About remediation workflows
      2.  
        Prerequisites for configuring remediation workflows
      3.  
        Configuring Self-Service Portal settings
      4.  
        About workflow templates
      5. Managing workflow templates
        1.  
          Create/Edit Entitlement Review workflow template
        2.  
          Create/Edit DLP Incident Remediation workflow template
        3.  
          Create/Edit Ownership Confirmation workflow template
        4.  
          Create/Edit Records Classification workflow template
      6. Creating a workflow using a template
        1. Create Entitlement Review workflow options
          1.  
            Customizing Entitlement Review report output
        2.  
          Create DLP Incident Remediation workflow options
        3.  
          Create Ownership Confirmation workflow options
        4.  
          Create Records Classification workflow options
      7. Managing workflows
        1.  
          Viewing details of submitted workflows
        2.  
          Extending the deadline of a workflow
        3.  
          Copying a workflow
        4.  
          Managing submitted workflows
        5.  
          Canceling or deleting a workflow
      8.  
        Auditing workflow paths
      9.  
        Monitoring the progress of a workflow
      10.  
        Remediating workflow paths
    2. Using the Self-Service Portal
      1. About the Self-Service Portal
        1.  
          About Entitlement Review
      2.  
        Logging in to the Self-Service Portal
      3.  
        Using the Self-Service Portal to review user entitlements
      4.  
        Using the Self-Service Portal to manage Data Loss Prevention (DLP) incidents
      5.  
        Using the Self-Service Portal to confirm ownership of resources
      6.  
        Using the Self-Service Portal to classify sensitive data
    3. Managing data
      1. About managing data using Enterprise Vault and custom scripts
        1.  
          About Retention categories
        2.  
          About post-processing actions
      2.  
        Managing data from the Shares list view
      3.  
        Managing inactive data from the Folder Activity tab
      4.  
        Managing inactive data by using a report
      5.  
        Archiving workflow paths using Enterprise Vault
      6.  
        Using custom scripts to manage data
      7.  
        Pushing classification tags while archiving files into Enterprise Vault
      8. About adding tags to files, folders, and shares
        1.  
          Using the metadata framework for classification and remediation
    4. Managing permissions
      1.  
        About permission visibility
      2.  
        About recommending permission changes
      3. About recommending permissions changes for inactive users
        1.  
          Reviewing permission recommendations
        2.  
          Analyzing permission recommendations and applying changes
      4.  
        Making permission changes directly from Workspace
      5.  
        Removing permissions for Entitlement Review workflow paths
  5. Appendix A. Command Line Reference
    1.  
      mxcustodian

Monitoring the progress of a workflow

On the Workflows listing page, you can view the progress of workflows that are submitted to the Self-Service Portal. You can also view the details of the actions that are taken on all paths that are part of a workflow.

All workflow-specific jobs must run before you can see the response that the custodian submits from the Veritas Self-Service Portal on the Data Insight Console.

To view the status of a workflow

  1. On the console, click the Workflows tab and then the Workflows sub-tab.

    On the Workflows list page, you can view the status for each workflow. The following table describes the possible status for any workflow:

    Status

    Description

    Draft

    When the workflow is saved as a draft but is not submitted to the portal server.

    Submitted

    When the workflow is submitted from the Management Server but is not picked up by the Portal server for processing.

    In-progress

    When workflow is being processed by the portal server for processing .

    Completed

    A workflow is marked as complete if:

    • The end date of the workflow lapses and after a day of grace period from the end date.

    • An action is taken on all the paths by all the custodians and the portal server has processed the workflow

    Canceled

    If you have canceled the workflow.

    Grace Period

    After the due date of the workflow, an extra day is given as grace period. In this case, the state of the workflow is set to Grace Period. If actions are still not taken by the end of the grace period, the status changes to Completed, and the state of the paths will be shown as Expired.

    Failed

    If Data Insight fails to create a workflow database based on the input that is provided for the workflow.

  2. On the workflow listing page, click Select Action > View, or click the workflow link to view details of a submitted, completed, or canceled workflow.
  3. On the workflow summary page, you can view the list of paths that are submitted for custodians' actions on the Self-Service Portal. The page also displays the summary of the total paths in the workflow, the percentage of paths on which an action is submitted on the portal, and the time within which the workflow must be completed.

    Select a path to review the details of the workflow.

    Depending on the type of the workflow, you can also view the following details:

    • In case of an Entitlement Review workflow, the users whose permissions were reviewed, the current permissions assigned to the user on that path, the activity status of the user, the direct groups from which permissions are inherited by the user, the custodian's recommendation - whether to allow access to the user or not, and whether the user is a creator owner on the path.

    • In case of a DLP Incident Remediation workflow, the Data Loss Prevention (DLP) policies that the paths violate, the severity of the incidents, and the incident IDs that need to be remediated. The incident ID is associated with the available response rules for a given incident.

    • In case of a Records Classification workflow, the policies that the files violate, the name of the action , the retention category being applied to the file, and the response from the Enterprise Vault™ server.

    • The custodian(s) for whose action the workflow is submitted.

    • The status for each path can be one of the following:

      Status

      Description

      Pending

      Indicates that the custodian has not taken any action on the assigned paths.

      Executing Action

      In case of a Records Classification workflow, this status indicates that a file is marked as record by the custodian, and the archive request is being processed by Enterprise Vault™.

      Success

      Indicates that the custodian has submitted an action and the action has been registered with the Data Insight Management Server.

      In case of a DLP Incident Remediation workflow, it means that Data Insight has sent the response rule request for execution to the DLP Response Rule Execution Service.

      In case of a Records Classification workflow, if a file is marked as record by the custodian, and if automatic action is configured, Data Insight submits the response for action to Enterprise Vault. Once Enterprise Vault archives the file and applies the post-processing actions on the file, Data Insight displays the response from Enterprise Vault on the Management Console. In this case, Success indicates that the archive request is completed by Enterprise Vault™.

      Whereas, if a file is marked as No record, or if automatic action is not enabled, Success indicates that the custodian has submitted the response from the Portal. In this case, Data Insight simply logs the response submitted by the custodian on the Self-Service portal.

      Failed

      Indicates that the action submitted by the portal user on the Self-Service Portal is not registered with the Data Insight Management Server for any reason.

      Expired

      - Indicates that the due date for completing the workflow has expired, and the portal users will not be able to take any action on the paths in that particular workflow,

    • Depending on the type of workflow, you can also view the following information about the paths assigned for remediation:

      Workflow

      Details

      Entitlement Review

      Click the path to see the details of the user permissions on that path. For each user with permissions on the path, you can view the following information:

      • The user name

      • The login ID of the user

      • The type of permission the user has on the path. For example, read, write etc.

      • Activity status of the user, whether Active or Inactive.

      • Whether the user is allowed access on the path or not.

      • Whether the user is the creator/owner of the folder on the file system.

        The creator owner on a path by default has Full permissions on the path.

      DLP Incident Remediation

      The actions are based on configured DLP Smart Response rules, for example, Quarantine, Mark for Deletion, or Archive.

      For information about Smart Response rules, see the Symantec Data Loss Prevention Administration Guide.

      A possible action can also be Delegate if the custodian delegates the incident remediation for certain paths to another user.

      Ownership Confirmation

      The possible actions for any path can be Confirm or Decline ownership.

      Record Classification

      The possible actions for any file can be Archive or Do not archive