Veritas Data Insight User's Guide
- Section I. Introduction
- Section II. Data Insight Workspace
- Navigating the Workspace tab
- Analyzing data using the Workspace views
- Viewing access information for files and folders
- Viewing user activity on files or folders
- About visualizing collaboration on a share
- Viewing access information for users and user groups
- Section III. Data Insight reports
- Using Data Insight reports
- About Data Insight security reports
- Permissions reports
- Permissions Search report
- Creating a Permissions Query Template
- Permissions Query Template actions
- Ownership Reports
- About Data Insight storage reports
- About Data Insight custom reports
- Managing reports
- Viewing reports
- Using Data Insight reports
- Section IV. Remediation
- Configuring remediation workflows
- Managing workflow templates
- Creating a workflow using a template
- Managing workflows
- Using the Self-Service Portal
- About the Self-Service Portal
- Managing data
- About managing data using Enterprise Vault and custom scripts
- About adding tags to files, folders, and shares
- Managing permissions
- Configuring remediation workflows
- Appendix A. Command Line Reference
Viewing audit logs for users
You can view audit logs of the access details for a particular user in a given time period.
To view the audit logs for users
- From the Workspace, navigate to the Users list-view.
- Click a user. The Summary panel populates to display additional details.
- Click Expand Profile on the Summary panel to display the underlying user-centric views.
By default, the Overview tab displays the a summary of the selected user.
- Click Audit Logs. Or right-click the user, and select Audit Logs.
- Apply the time filter for which you want to view the selected user's activity. By default, Data Insight displays the audit logs for the last six months from the current date.
- Select the share for which you want to view the activity by the selected user.
Use the device filter in the content pane to search for specific devices where selected group has permissions. The Devices with activity filter is applied by default. The filter pane displays the list of data sources that have some shares, site collections, or equivalent on which the selected user has activity.
At the share-level in the hierarchy, you can also filter the paths using other predefined filters, such as disabled share or site collections where the user has activity.
- Enter the start and the end dates in the To and From field.
Additionally, you can also filter the audit logs based on the following criteria:
The IP address of the computer that the user has generated the access activity from.
The type of access for which you want to view audit logs. For SharePoint web applications, you can specify either access type (meta operations, such as Read, Write, Delete, Create, and Rename) or access details (SharePoint operations).
Data Insight maps all SharePoint access types such as checkout, view, check in, write, update, delete, and move to Data Insight meta access types - Read, Write, Delete, and Rename.
You can enter multiple values separated by commas. Enter the filter criteria in the relevant fields and click Go.
- Click on a folder to see the user's activity on that folder.
- The audit logs provide the following information:
The name of the file that is accessed.
The path of the file.
The type of access event.
In case of a folder on a SharePoint site, the SharePoint access type such as checkout, view, check in, write, or update.
The type of file.
The access count.
The IP address of the computer from which the file was accessed.
Currently, you cannot view the IP address of the computer from which the file was accessed for Windows File Servers, VxFS filers, and SharePoint sites.
The start and the end time of the access events.
- Click the drop-down arrow on any column header and select Columns. Then select the parameters you want to show.
More Information