Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload & Download Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Source-based reports
DataSecurity Plus' Endpoint DLP solution offers multiple source-based reports. Follow the steps below to view them:
- Select Endpoint DLP from the application drop-down menu at the top-left corner and navigate to Reports.
- Under Source Based Reports, select which source you'd like to view reports for.
- Choose an Endpoint Name to view audit data for that particular endpoint.
- Select the desired time range using the Periods drop-down.
- Choose your desired Profile to view the audit report for that particular profile.
Each report has multiple profiles configured by default, each of which is defined to apply to different scenarios. To learn about default configuration settings for each profile and how to customize them, follow the steps listed in the audit profile configuration help page.
The following reports can be viewed under Source Based Reports for selected endpoints, periods, and profiles.
File Paste Report
This report lists all file paste actions and the following details:
- Endpoint Name: Shows the name of the endpoint where the paste action was performed.
- Time Generated: Shows the timestamp when the paste event was generated.
- Accessed By: Shows the name of the user who performed the paste action.
- Message: Shows what action was performed, i.e., File Paste.
- Location: Shows the file path where the file was pasted to.
- Process Name: Shows the name of the application through which the paste action was carried out, such as Explorer, Chrome, etc.
- Client Host: Shows the name of the domain the endpoint belongs to.
- Copy Source: Shows the file path where the file was copied from.
- Creation Time: Shows the timestamp when the file was pasted at the destination.
- Last Access Time: Shows the timestamp when the file was last accessed.
- Last Write Time: Shows the timestamp when the file was last modified.
FIM Report
This report lists all file change actions and the following details:
- Endpoint Name: Shows the name of the endpoint where the file change action was performed.
- Client Host: Shows the name of the domain the endpoint belongs to.
- Time Generated: Shows the timestamp when the file change event was generated.
- Accessed By: Shows the name of the user who performed the file change action.
- Message: Shows what action was performed, such as Copy, Paste, Modify, Delete, File Extension Change, etc.
- Location: Shows the file path where the file is currently located.
- New File Name: Shows the new file path of the file. It will be different from the Location in case of file change actions, such as Move, Rename, etc.
- Process Name: Shows the name of the application through which the file change action was carried out, such as Explorer, Chrome, etc.
- USB Event: Shows whether the file change action was carried out on a plugged-in USB device.
- Device Instance Path: Shows the plugged-in USB device's instance ID, if applicable.
- Creation Time: Shows the timestamp when the file was created.
- Last Access Time: Shows the timestamp when the file was last accessed.
- Last Write Time: Shows the timestamp when the file was last modified.
File Share Report
This report lists all file change actions made to shared folders and the following details:
- Endpoint Name: Shows the name of the endpoint where the shared folder is located.
- Time Generated: Shows the timestamp when the file change event was generated.
- Accessed By: Shows the name of the user who performed the file change action.
- Message: Shows what action was performed such as Copy, Paste, Modify, Delete, File Extension Change, etc.
- Location: Shows the file path where the file is currently located.
- New File Name: Shows the new file path of the file. It will be different from the Location in case of file change actions, such as Move, Rename, etc.
- Process Name: Shows the name of the application through which the file change action was carried out, such as Explorer, Chrome, etc.
- Client Host: Shows the name of the domain the endpoint belongs to.
- USB Event: Shows whether the file change action was carried out on a plugged-in USB device.
- Device Instance Path: Shows the plugged-in USB device's instance ID, if applicable.
- Creation Time: Shows the timestamp when the file was created.
- Last Access Time: Shows the timestamp when the file was last accessed.
- Last Write Time: Shows the timestamp when the file was last modified.
Network Share Activity
This report lists all file change actions made to shared folders by accessing the network path and the following details:
- Endpoint Name: Shows the name of the endpoint where the shared folder is located.
- Time Generated: Shows the timestamp when the file change event was generated.
- Accessed By: Shows the name of the user who performed the file change action.
- Message: Shows what action was performed, such as Copy, Paste, Modify, Delete, File Extension Change, etc.
- Location: Shows the file path where the file is currently located.
- New File Name: Shows the new file path of the file. It will be different from the Location in case of file change actions, such as Move, Rename, etc.
- Process Name: Shows the name of the application through which the file change action was carried out, such as Explorer, Chrome, etc.
- Client Host: Shows the name of the domain the endpoint belongs to.
Removable Storage File Activity
This report lists all file change actions made to plugged-in USB drives and the following details:
- Endpoint Name: Shows the name of the endpoint where the USB is plugged in.
- Time Generated: Shows the timestamp when the file change event was generated.
- Accessed By: Shows the name of the user who performed the file change action.
- Message: Shows what action was performed, such as Copy, Paste, Modify, Delete, File Extension Change, etc.
- Location: Shows the file path where the file is currently located.
- New File Name: Shows the new file path of the file. It will be different from the Location in case of file change actions, such as Move, Rename, etc.
- Process Name: Shows the name of the application through which the file change action was carried out, such as Explorer, Chrome, etc.
- Client Host: Shows the name of the domain the endpoint belongs to.
- USB Event: Shows a confirmation that the file change action was carried out on a plugged-in USB device.
- Device Instance Path: Shows the plugged-in USB device's instance ID.
- Creation Time: Shows the timestamp when the file was created.
- Last Access Time: Shows the timestamp when the file was last accessed.
- Last Write Time: Shows the timestamp when the file was last modified.
Email Auditing Report
This report lists information about all outbound emails sent by users with the following details:
- Endpoint Name: Shows the name of the endpoint from where the email was sent.
- User Name: Shows the name of the user who sent the email.
- Process Name: Shows the name of the application through which the email was sent, such as Outlook, Chrome, etc.
- Mail From: Shows the email address of the user who sent the mail.
- Mail To: Shows the email addresses of the recipients.
- Mail Bcc: Shows the email addresses of the recipients added as Bcc.
- Mail Cc: Shows the email addresses of the recipients added as Cc.
- Mail Subject: Shows the email subject.
- Mail Sent Time: Shows the timestamp when the email was sent.
- Mail Classification: Shows the classification label assigned to the email, such as Restricted, Public, etc.
- Attachment ID: Shows the unique ID assigned to the attachments.
- Attachments Count: Shows the number of attachments sent along with the email. Upon clicking the number, the list of attachments, along with its name, classification label, and size, is displayed.
Printer Auditing Report
This report lists information about all print jobs initiated by users with these details:
- File Name: Shows the name of the file sent to print.
- Printer Name: Shows the name of the printer the print job was sent to.
- Endpoint Name: Shows the name of the endpoint from where the print job was sent.
- User Name: Shows the name of the user who sent the print job.
- Time Generated: Shows the timestamp when the print job was sent.
- Total Pages: Shows the number of pages sent to print.
- File Size: Shows the size of the file sent to print.
- Port Name: Shows the name of the port through which the printer communicates with the endpoint.
- Notify Name: Shows the name of the user who is designated to be notified about the status of the print job.
- Printer User Name: Shows the name of the user who configured the printer.
Web Auditing Report
This report lists file changes made through web browsers with these details:
- Endpoint Name: Shows the name of the endpoint where the file change action was performed.
- Time Generated: Shows the timestamp when the file change event was generated.
- Accessed by: Shows the name of the user who performed the file change action.
- Message: Shows what action was performed, such as Copy, Paste, Modify, Delete, File Extension Change, etc.
- Location: Shows the file path where the file is currently located.
- Process Name: Shows the file path of the web browser through which the file change action was carried out, such as Chrome, Firefox, etc.
- Creation Time: Shows the timestamp when the file was created.
- Last Access Time: Shows the timestamp when the file was last accessed.
- Last Write Time: Shows the timestamp when the file was last modified.
- Client Host: Shows the name of the domain the endpoint belongs to.