Please enter search query.
 
              Search <book_title>...
            
 
          Veritas Data Insight Administrator's Guide
                Last Published: 
				2024-06-19
                
              
              
                Product(s): 
				Data Insight (7.0)
                 
              
              
                Platform: Windows
              
            - Section I. Getting started- Introduction to Veritas Data Insight administration
- Configuring Data Insight global settings- About Data Insight licensing
- SQLite WAL mode
- Configuring SMTP server settings
- About scanning and event monitoring
- Monitoring Indexer Node Storage Utilization
- About filtering certain accounts, IP addresses, and paths
- About archiving data
- About Data Insight integration with Symantec Data Loss Prevention (DLP)
- Importing sensitive files information through CSV
- Configuring advanced analytics
- About open shares
- About user risk score
- Configuring file groups
- Configuring Workspace data owner policy
- Configuring Management Console settings
- About bulk assignment of custodians
- Configuring Watchlist settings
- Configuring Metadata Framework
- Proof of concept
 
 
- Section II. Configuring Data Insight- Configuring Data Insight product users
- Configuring Data Insight product servers- About Data Insight product servers
- Adding a new Data Insight server
- Managing Data Insight product servers
- Viewing Data Insight server details
- About node templates
- Adding Portal role to a Data Insight server
- Adding Classification Server role to a Data Insight server
- Assigning Classification Server to a Collector
- Associating a Classification Server pool to a Collector
- Viewing in-progress scans
- Configuring Data Insight services
- Configuring advanced settings
- Monitoring Data Insight jobs
- Rotating the encryption keys
- Viewing Data Insight server statistics
- About automated alerts for patches and upgrades
- Deploying upgrades and patches remotely
- Using the Upload Manager utility
- About migrating storage devices across Indexers
- Viewing the status of a remote installation
 
- Configuring saved credentials
- Configuring directory service domains- About directory domain scans
- Adding a directory service domain to Data Insight
- Managing directory service domains
- Fetching users and groups data from NIS+ scanner
- Configuring attributes for advanced analytics
- Deleting directory service domains
- Scheduling scans
- Configuring business unit mappings
- Importing additional attributes for users and user groups
 
- Configuring containers
 
- Section III. Configuring native file systems in Data Insight- Configuring NetApp 7-mode file server monitoring- About configuring NetApp file server monitoring
- Prerequisites for configuring NetApp file servers
- Credentials required for configuring NetApp filers
- Credentials required for configuring NetApp NFS filers
- Configuring SMB signing
- About FPolicy
- Preparing Data Insight for FPolicy
- Preparing the NetApp filer for Fpolicy
- Preparing the NetApp vfiler for Fpolicy
- Configuring NetApp audit settings for performance improvement
- Preparing a non-administrator domain user on the NetApp filer for Data Insight
- Enabling export of NFS shares on a NetApp file server
- Excluding volumes on a NetApp file server
- Handling NetApp home directories in Data Insight
 
- Configuring clustered NetApp file server monitoring- About configuring a clustered NetApp file server
- About configuring FPolicy in Cluster-Mode
- Pre-requisites for configuring clustered NetApp file servers
- Credentials required for configuring a clustered NetApp file server
- Preparing a non-administrator local user on the clustered NetApp filer
- Preparing a non-administrator domain user on a NetApp cluster for Data Insight
- Preparing Data Insight for FPolicy in NetApp Cluster-Mode
- Preparing the ONTAP cluster for FPolicy
- About configuring secure communication between Data Insight and cluster-mode NetApp devices
- Enabling export of NFS shares on a NetApp Cluster-Mode file server
- Enabling SSL support for Cluster Mode NetApp auditing
 
- Configuring EMC Celerra or VNX monitoring
- Configuring EMC Isilon monitoring- About configuring EMC Isilon filers
- Prerequisites for configuration of Isilon or Unity VSA file server monitoring
- Credentials required for configuring an EMC Isilon cluster
- Configuring audit settings on EMC Isilon cluster using OneFS GUI console
- Configuring audit settings on EMC Isilon cluster using the OneFS CLI
- Configuring Isilon audit settings for performance improvement
- Preparing Veritas Data Insight to receive event notifications from an EMC Isilon or Unity VSA cluster
- Creating a non-administrator user for an EMC Isilon cluster
- Utilizing access zone's SmartConnect Zone/Alias mappings
- Purging the audit logs in an Isilon filer
 
- Configuring EMC Unity VSA file servers
- Configuring Hitachi NAS file server monitoring
- Configuring Windows File Server monitoring
- Configuring Veritas File System (VxFS) file server monitoring
- Configuring monitoring of a generic device
- Managing file servers- About configuring filers
- Viewing configured filers
- Adding filers- Add/Edit NetApp filer options
- Add/Edit NetApp cluster file server options
- Add/Edit EMC Celerra filer options
- Add/Edit EMC Isilon file server options
- Add/Edit EMC Unity VSA file server options
- Add/Edit Windows File Server options
- Add/Edit Veritas File System server options
- Add/Edit a generic storage device options
- Add/Edit Hitachi NAS file server options
 
- Custom schedule options
- Editing filer configuration
- Deleting filers
- Viewing performance statistics for file servers
- About disabled shares
- Adding shares
- Managing shares
- Editing share configuration
- Deleting shares
- About configuring a DFS target
- Adding a configuration attribute for devices
- Configuring a DFS target
- About the DFS utility
- Running the DFS utility
- Importing DFS mapping
 
- Renaming storage devices
 
- Configuring NetApp 7-mode file server monitoring
- Section IV. Configuring SharePoint data sources- Configuring monitoring of SharePoint web applications- About SharePoint server monitoring
- Credentials required for configuring SharePoint servers
- Configuring a web application policy
- About the Data Insight web service for SharePoint
- Viewing configured SharePoint data sources
- Adding web applications
- Editing web applications
- Deleting web applications
- Adding site collections
- Managing site collections
- Removing a configured web application
 
- Configuring monitoring of SharePoint Online accounts- About SharePoint Online account monitoring
- Configuring user with minimum privileges in Microsoft 365
- Creating an application in the Microsoft Azure portal
- Configuring application without user impersonation for Microsoft 365
- Adding SharePoint Online accounts
- Managing a SharePoint Online account
- Adding site collections to SharePoint Online accounts
- Managing site collections
 
 
- Configuring monitoring of SharePoint web applications
- Section V. Configuring cloud data sources- Configuring monitoring of Box accounts
- Configuring OneDrive account monitoring
- Managing cloud sources
 
- Section VI. Configuring Object Storage Sources
- Section VII. Health and monitoring
- Section VIII. Alerts and policies
- Section IX. Remediation- Configuring remediation settings
 
- Section X. Reference- Appendix A. Data Insight best practices
- Appendix B. Migrating Data Insight components
- Appendix C. Backing up and restoring data
- Appendix D. Data Insight health checks- About Data Insight health checks- Services checks
- Deployment details checks
- Generic checks
- Data Insight Management Server checks
- Data Insight Indexer checks
- Data Insight Collector checks
- Data Insight Windows File Server checks
- Data Insight SharePoint checks
- Classification server health checks
- Data Insight self service portal server health checks
 
 
- About Data Insight health checks
- Appendix E. Command File Reference
- Appendix F. Data Insight jobs
- Appendix G. Troubleshooting- About general troubleshooting procedures
- About the Health Audit report
- Location of Data Insight logs
- Downloading Data Insight logs
- Migrating the data directory to a new location
- Troubleshooting FPolicy issues on NetApp devices
- Troubleshooting EMC Celera or VNX configuration issues
- Troubleshooting EMC Isilon configuration issues
- Troubleshooting SharePoint configuration issues
- Troubleshooting Hitachi NAS configuration issues
- Troubleshooting installation of Tesseract software
 
 
Creating an Athena table
To Create an Athena table for a trail using the Athena console
- Log in to at https://console.aws.amazon.com/athena/
- Open the Query Editor tab and enter the following Hive data definition language (DDL) command CREATE DATABASE <myDataBase> . Replace myDatabase with the name of the database that you want to create.
- Select Run Query or press Ctrl+ENTER.
- From the Database menu, select your database. It will then be considered as the current database.
- Navigate to the Query Editor and under Database select Create table >> Create table option
- Paste the query given below in the query windowNote: Replace trail-log-location with the location copied from AWS. For more information, refer to See Configuring Audit Events in AWS . CREATE EXTERNAL TABLE `cloudtrail_logs_aws_data_events`( `eventversion` string COMMENT 'from deserializer', `useridentity` struct<type:string,principalid:string,arn:string,accountid:string, invokedby:string,acces skeyid:string,username:string,sessioncontext:struct <attributes:struct<mfaauthenticat ed:string,creationdate:string>,sessionissuer:struct <type:string,principalid:string,arn:st ring,accountid:string,username:string>>> COMMENT 'from deserializer', `eventtime` string COMMENT 'from deserializer', `eventsource` string COMMENT 'from deserializer', `eventname` string COMMENT 'from deserializer', `awsregion` string COMMENT 'from deserializer', `sourceipaddress` string COMMENT 'from deserializer', `useragent` string COMMENT 'from deserializer', `errorcode` string COMMENT 'from deserializer' `errormessage` string COMMENT 'from deserializer', `requestparameters` string COMMENT 'from deserializer', `responseelements` string COMMENT 'from deserializer', `additionaleventdata` string COMMENT 'from deserializer', `requestid` string COMMENT 'from deserializer', `eventid` string COMMENT 'from deserializer', `resources` array<struct<arn:string,accountid:string,type:string>> COMMENT 'from deserializer', `eventtype` string COMMENT 'from deserializer', `apiversion` string COMMENT 'from deserializer', `readonly` string COMMENT 'from deserializer', `recipientaccountid` string COMMENT 'from deserializer', `serviceeventdetails` string COMMENT 'from deserializer', `sharedeventid` string COMMENT 'from deserializer', `vpcendpointid` string COMMENT 'from deserializer') PARTITIONED BY (`region` string, `timestamp` string) ROW FORMAT SERDE 'com.amazon.emr.hive.serde.CloudTrailSerde' STORED AS INPUTFORMAT 'com.amazon.emr.cloudtrail.CloudTrailInputFormat' OUTPUTFORMAT 'org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat' LOCATION 's3://<trail-log-location>/CloudTrail/${region}'Note: Replace trail-log-location with the location copied from AWS. For more information, refer to See Configuring Audit Events in AWS . TBLPROPERTIES ( 'classification'='cloudtrail', 'projection.enabled'='true', 'projection.timestamp.format'='yyyy/MM/dd', 'projection.timestamp.interval'='1', 'projection.timestamp.interval.unit'='DAYS', 'projection.timestamp.range'='2020/01/01,NOW', 'projection.timestamp.type'='date', 'projection.region.type'='ENUM', 'projection.region.values'='us-east-2,us-east-1,us-west-1, us-west-2,ca-central-1,af-south-1,ap-east-1,ap-south-1,ap-northeast-3,ap-northeast-2, ap-southeast-1,ap-southeast-2,ap-northeast-1,cn-north-1,cn-northwest-1,eu-central-1, eu-north-1,eu-west-1,eu-west-2,eu-west-3,eu-south-1,me-south-1,us-gov-east-1, us-gov-west-1,sa-east-1', 'storage.location.template'='s3://[trail-log-location]/CloudTrail/ ${region}/${timestamp}')Note: Replace trail-log-location with the location copied from AWS. For more information, refer to See Configuring Audit Events in AWS . Note: AWS Athena stores every query results in the bucket. There is no way to prevent Athena from doing it. Data Insight recommends to set a life-cycle policy on the bucket or folder. For example, you could delete query results periodically.