Veritas Data Insight User's Guide
- Section I. Introduction
- Section II. Data Insight Workspace
- Navigating the Workspace tab
- Analyzing data using the Workspace views
- Viewing access information for files and folders
- Viewing user activity on files or folders
- About visualizing collaboration on a share
- Viewing access information for users and user groups
- Section III. Data Insight reports
- Using Data Insight reports
- About Data Insight security reports
- Permissions reports
- Permissions Search report
- Creating a Permissions Query Template
- Permissions Query Template actions
- Ownership Reports
- About Data Insight storage reports
- About Data Insight custom reports
- Managing reports
- Viewing reports
- Using Data Insight reports
- Section IV. Remediation
- Configuring remediation workflows
- Managing workflow templates
- Creating a workflow using a template
- Managing workflows
- Using the Self-Service Portal
- About the Self-Service Portal
- Managing data
- About managing data using Enterprise Vault and custom scripts
- About adding tags to files, folders, and shares
- Managing permissions
- Configuring remediation workflows
- Appendix A. Command Line Reference
Auditing workflow paths
Data Insight provides a centralized view where you can audit the information of all the workflow paths across all workflows. The Audit page provides an audit trail for the actions taken by custodians through the Self-Service Portal on paths across all types of workflows.
Navigate to
> to review the details of all paths submitted for custodian action. You can view the following details on this page:The list of paths submitted as a part of various workflows.
The name of the workflow. Click the workflow name to navigate to the details page of that workflow.
The state of a path such as successfully executed, failed, expired, executing action, or canceled.
The recommended action that is submitted by the custodian from the Self-Service Portal for a workflow path.
The time at which the custodian has submitted response for the workflow path.
The date of completion of the workflow path when the status is logged as either expired, canceled, failed or success.
The name of the custodian who has been assigned the workflow path.
In case of Entitlement Review workflows, if the Custodian has revoked the access for a user/group from a path, the Audit page displays only those workflow paths where users' or groups' access has been revoked and not the users or groups who have been allowed access to that workflow path. The Custodian Action column will display the value as user/group.
Certain columns are hidden from the view. Click the drop-down button on any column heading and select the columns that you want to display.
When the hidden columns are displayed, you can view the following details:
The name of the device that the workflow path is located in.
The type of workflow.
The logon name of the custodian.
The comment given by the custodian while delegating the remediation on a path or declining to take action on a path.
The last response received for the workflow path when it is either failed or successful.
The sequence of delegation by the custodian(s).
The user or groups with permissions on paths in an Entitlement Review workflow.
The logon name of the user who has permissions on the path in case of an Entitlement Review workflow.
Whether or not a user is active on the path in case of an Entitlement Review workflow.
The groups of which the user is a direct member in an Entitlement Review workflow.
The permission granted to users on a path in an Entitlement Review workflow.
The retention category in Enterprise Vault using which the path is archived in the Records Classification workflows.
The policies that are violated by a workflow path.
The severity of the incident in case of the DLP Incident Remediation or Records Classification workflows.
Note:
When you hover your mouse on any column headers or values, tool-tips are displayed. If the status of a workflow path is Failed, the tool-tip displays the reason behind the failure.
You can take remediation actions for the paths that are part of the Records Classification and Entitlement Review workflows from the > page.
See Remediating workflow paths.
You can refine the audit data set using the predefined and advanced filters, and sort through the workflow paths that are listed on the Audit page.
Use predefined filters to filter the lists by various categories such as by Device Name, Workflow Type, Custodian Action, and Status. If you select more than one category, the filter conditions are applied using the logical operator AND. For example, if you select the
as DLP Incident Remediation and the as Failed, a list of all those DLP Incident Remediation workflow paths that are failed is displayed.In addition, you can use the advanced filter at the top of the table to filter on the basis of various column names including those columns that are hidden. You must display the hidden columns to view the filter results. Select the column name and choose a value to further narrow down the results on the basis of the following operators,
, and .Note:
The predefined filter options are displayed dynamically on the basis of the advanced filter that are applied for listing.