Veritas Data Insight User's Guide

Last Published:
Product(s): Data Insight (6.3.1)
Platform: Windows
  1. Section I. Introduction
    1. Introducing Veritas Data Insight
      1.  
        About Veritas Data Insight
      2.  
        About data custodian
      3.  
        About permissions
      4.  
        About SharePoint permissions
      5.  
        About Box permissions
      6.  
        About audit logs
      7.  
        About migrated domains
      8.  
        Applications for Symantec Data Loss Prevention
      9.  
        Content classification using Veritas Information Classifier
    2. Using the Veritas Data Insight Management Console
      1. About the Veritas Data Insight Management Console
        1.  
          Header
        2.  
          Tabs
        3.  
          Navigation pane
        4.  
          Content pane
      2.  
        Operation icons on the Management Console
      3.  
        Logging in to the Data Insight Management Console
      4.  
        Logging out of the Data Insight Management Console
      5.  
        Accessing online Help
  2. Section II. Data Insight Workspace
    1. Navigating the Workspace tab
      1.  
        About the Data Insight Workspace
      2.  
        Using the Workspace filters
      3.  
        Managing the Workspace
      4.  
        Searching the storage device hierarchy
      5.  
        Searching for users and user groups
    2. Analyzing data using the Workspace views
      1.  
        About information risk
      2.  
        Viewing summary of data sources
      3. Viewing shares summary
        1.  
          About control points
      4.  
        About the risk score for users
      5. About the Risk Dossier
        1.  
          Assessing risky users - an example scenario
      6.  
        Viewing user summary
      7.  
        Viewing details of Watchlist users
      8.  
        Viewing details of alert notifications
    3. Viewing access information for files and folders
      1.  
        About viewing file or folder summary
      2.  
        Viewing the overview of a data source
      3.  
        Managing data custodian for paths
      4. Viewing user activity on files or folders
        1.  
          Assigning an inferred data owner as custodian
        2.  
          Assigning an active user as custodian
        3.  
          Assigning a custodian from the Permissions tab
      5.  
        Viewing file and folder activity
      6.  
        Viewing CIFS permissions on folders
      7.  
        Viewing NFS permissions on folders
      8.  
        Viewing SharePoint permissions for folders
      9.  
        Viewing OneDrive permissions for folders
      10.  
        Viewing Box permissions on folders
      11.  
        Viewing audit logs for files and folders
      12. About visualizing collaboration on a share
        1.  
          Analyzing activity on collaborative shares
    4. Viewing access information for users and user groups
      1.  
        Viewing the overview of a user
      2.  
        Viewing the overview of a group
      3.  
        Managing custodian assignments for users
      4.  
        Viewing folder activity by users
      5.  
        Viewing CIFS permissions for users
      6.  
        Viewing CIFS permissions for user groups
      7.  
        Viewing NFS permissions for users and user groups
      8.  
        Viewing SharePoint permissions for users and user groups
      9.  
        Viewing Box permissions for users and user groups
      10.  
        Viewing audit logs for users
  3. Section III. Data Insight reports
    1. Using Data Insight reports
      1.  
        About Data Insight reports
      2.  
        How Data Insight reporting works
      3.  
        Creating a report
      4. About Data Insight security reports
        1. Activity Details report
          1.  
            Create or Edit Activity Details for Paths report
          2.  
            Create or edit Activity Details for Users and Groups report
        2. Permissions reports
          1. Inactive Users
            1.  
              Create or edit Inactive Users report
          2. Path Permissions
            1.  
              Create or edit Path Permissions report
          3. Permissions Search report
            1.  
              Create Permissions Search report
          4.  
            About Permissions Query templates
          5. Creating a Permissions Query Template
            1.  
              Using the match-type criteria
          6.  
            Creating custom rules
          7. Permissions Query Template actions
            1.  
              Editing or deleting a Permissions Query Template
            2.  
              Copying a Permissions Query Template
            3.  
              About sharing a Permissions Query Template
          8.  
            Using Permissions Search report output to remediate permissions
          9. Entitlement Review
            1.  
              Create or edit Entitlement Review report
          10. User/Group Permissions
            1.  
              Create or edit User/Group Permissions
          11. Group Change Impact Analysis
            1.  
              Create or edit Group Change Impact Analysis report
        3. Ownership Reports
          1. Data Custodian Summary
            1.  
              Create or edit Data Custodian Summary report
          2. Inferred Owner
            1.  
              Create or edit Inferred Owner report
          3. Data Inventory Report
            1.  
              Create or edit Data Inventory report
      5.  
        Create/Edit security report options
      6. About Data Insight storage reports
        1. Activity Summary reports
          1.  
            Create or edit Activity Summary for Paths report
          2.  
            Create or edit Activity Summary for User/Groups report
        2. Capacity reports
          1. Filer Utilization
            1.  
              Create or edit Filer Utilization report
          2. Filer Growth Trend
            1.  
              Create or edit Filer Growth Trend report
        3. Data Lifecycle reports
          1. Inactive Data by File Group
            1.  
              Create or edit Inactive Data by File Group report
          2. Inactive Data by Owner
            1.  
              Create or edit Inactive Data by Owner report
          3. Data Aging
            1.  
              Create or edit Data Aging report
          4. Inactive Folders
            1.  
              Create or edit Inactive Folders report
        4. Consumption Reports
          1. Potential Duplicate Files
            1.  
              Create/Edit Potential Duplicate Files report
          2. Consumption by Folders
            1.  
              Create or edit Consumption by Folders report
          3. Consumption by Department
            1.  
              Create or edit Consumption by Department
          4. Consumption by File Group
            1.  
              Create/Edit Consumption by File Group
          5. Consumption by Owner
            1.  
              Create/Edit Consumption by Owner
          6. Consumption by File Group and Owner
            1.  
              Create/Edit Consumption by File Group and Owner
      7.  
        Create/Edit storage report options
      8. About Data Insight custom reports
        1.  
          About DQL query templates
        2.  
          Creating custom templates for DQL queries
        3.  
          Create/Edit DQL report options
        4. Creating DQL reports with custom variables
          1.  
            Running a DQL report with custom variables
      9.  
        Considerations for importing paths using a CSV file
    2. Managing reports
      1.  
        About managing Data Insight reports
      2. Viewing reports
        1.  
          About stale information in reports
      3.  
        Filtering a report
      4.  
        Editing a report
      5.  
        About sharing reports
      6.  
        Copying a report
      7.  
        Running a report
      8.  
        Viewing the progress of a report
      9.  
        Customizing a report output
      10.  
        Configuring a report to generate a truncated output
      11.  
        Sending a report by email
      12.  
        Automatically archiving reports
      13.  
        Canceling a report run
      14.  
        Deleting a report
      15.  
        Considerations for viewing reports
      16.  
        Organizing reports using labels
  4. Section IV. Remediation
    1. Configuring remediation workflows
      1.  
        About remediation workflows
      2.  
        Prerequisites for configuring remediation workflows
      3.  
        Configuring Self-Service Portal settings
      4.  
        About workflow templates
      5. Managing workflow templates
        1.  
          Create/Edit Entitlement Review workflow template
        2.  
          Create/Edit DLP Incident Remediation workflow template
        3.  
          Create/Edit Ownership Confirmation workflow template
        4.  
          Create/Edit Records Classification workflow template
      6. Creating a workflow using a template
        1. Create Entitlement Review workflow options
          1.  
            Customizing Entitlement Review report output
        2.  
          Create DLP Incident Remediation workflow options
        3.  
          Create Ownership Confirmation workflow options
        4.  
          Create Records Classification workflow options
      7. Managing workflows
        1.  
          Viewing details of submitted workflows
        2.  
          Extending the deadline of a workflow
        3.  
          Copying a workflow
        4.  
          Managing submitted workflows
        5.  
          Canceling or deleting a workflow
      8.  
        Auditing workflow paths
      9.  
        Monitoring the progress of a workflow
      10.  
        Remediating workflow paths
    2. Using the Self-Service Portal
      1. About the Self-Service Portal
        1.  
          About Entitlement Review
      2.  
        Logging in to the Self-Service Portal
      3.  
        Using the Self-Service Portal to review user entitlements
      4.  
        Using the Self-Service Portal to manage Data Loss Prevention (DLP) incidents
      5.  
        Using the Self-Service Portal to confirm ownership of resources
      6.  
        Using the Self-Service Portal to classify sensitive data
    3. Managing data
      1. About managing data using Enterprise Vault and custom scripts
        1.  
          About Retention categories
        2.  
          About post-processing actions
      2.  
        Managing data from the Shares list view
      3.  
        Managing inactive data from the Folder Activity tab
      4.  
        Managing inactive data by using a report
      5.  
        Archiving workflow paths using Enterprise Vault
      6.  
        Using custom scripts to manage data
      7.  
        Pushing classification tags while archiving files into Enterprise Vault
      8.  
        About adding tags to devices, files, folders, and shares
    4. Managing permissions
      1.  
        About permission visibility
      2.  
        About recommending permission changes
      3. About recommending permissions changes for inactive users
        1.  
          Reviewing permission recommendations
        2.  
          Analyzing permission recommendations and applying changes
      4.  
        Making permission changes directly from Workspace
      5.  
        Removing permissions for Entitlement Review workflow paths
  5. Appendix A. Command Line Reference
    1.  
      mxcustodian
  6.  
    Index

Auditing workflow paths

Data Insight provides a centralized view where you can audit the information of all the workflow paths across all workflows. The Audit page provides an audit trail for the actions taken by custodians through the Self-Service Portal on paths across all types of workflows.

Navigate to Workflows > Audit to review the details of all paths submitted for custodian action. You can view the following details on this page:

  • The list of paths submitted as a part of various workflows.

  • The name of the workflow. Click the workflow name to navigate to the details page of that workflow.

  • The state of a path such as successfully executed, failed, expired, executing action, or canceled.

  • The recommended action that is submitted by the custodian from the Self-Service Portal for a workflow path.

  • The time at which the custodian has submitted response for the workflow path.

  • The date of completion of the workflow path when the status is logged as either expired, canceled, failed or success.

  • The name of the custodian who has been assigned the workflow path.

In case of Entitlement Review workflows, if the Custodian has revoked the access for a user/group from a path, the Audit page displays only those workflow paths where users' or groups' access has been revoked and not the users or groups who have been allowed access to that workflow path. The Custodian Action column will display the value as Revoke access for user/group.

Certain columns are hidden from the view. Click the drop-down button on any column heading and select the columns that you want to display.

When the hidden columns are displayed, you can view the following details:

  • The name of the device that the workflow path is located in.

  • The type of workflow.

  • The logon name of the custodian.

  • The comment given by the custodian while delegating the remediation on a path or declining to take action on a path.

  • The last response received for the workflow path when it is either failed or successful.

  • The sequence of delegation by the custodian(s).

  • The user or groups with permissions on paths in an Entitlement Review workflow.

  • The logon name of the user who has permissions on the path in case of an Entitlement Review workflow.

  • Whether or not a user is active on the path in case of an Entitlement Review workflow.

  • The groups of which the user is a direct member in an Entitlement Review workflow.

  • The permission granted to users on a path in an Entitlement Review workflow.

  • The retention category in Enterprise Vault using which the path is archived in the Records Classification workflows.

  • The policies that are violated by a workflow path.

  • The severity of the incident in case of the DLP Incident Remediation or Records Classification workflows.

  • Post Processing action

  • Match count

  • Mandatory path

  • Incidents

Note:

When you hover your mouse on any column headers or values, tool-tips are displayed. If the status of a workflow path is Failed, the tool-tip displays the reason behind the failure.

You can take remediation actions for the paths that are part of the Records Classification and Entitlement Review workflows from the Workflows > Audit page.

See Remediating workflow paths.

Filtering workflow audit listing

You can refine the audit data set using the predefined and advanced filters, and sort through the workflow paths that are listed on the Audit page.

Use predefined filters to filter the lists by various categories such as by Device Name, Workflow Type, Custodian Action, and Status. If you select more than one category, the filter conditions are applied using the logical operator AND. For example, if you select the Workflow Type as DLP Incident Remediation and the Status as Failed, a list of all those DLP Incident Remediation workflow paths that are failed is displayed.

In addition, you can use the advanced filter at the top of the table to filter on the basis of various column names including those columns that are hidden. You must display the hidden columns to view the filter results. Select the column name and choose a value to further narrow down the results on the basis of the following operators, equals, and contains.

Note:

The predefined filter options are displayed dynamically on the basis of the advanced filter that are applied for listing.