Veritas Data Insight 6.1 Administrator's Guide
- Section I. Getting started
- Introduction to Veritas Data Insight administration
- Configuring Data Insight global settings
- Overview of Data Insight licensing
- About scanning and event monitoring
- About filtering certain accounts, IP addresses, and paths
- About archiving data
- About Data Insight integration with Symantec Data Loss Prevention (DLP)
- Configuring advanced analytics
- About open shares
- About bulk assignment of custodians
- Section II. Configuring Data Insight
- Configuring Data Insight product users
- Configuring Data Insight product servers
- About node templates
- About automated alerts for patches and upgrades
- Configuring saved credentials
- Configuring directory service domains
- Adding a directory service domain to Data Insight
- Configuring containers
- Section III. Configuring native file systems in Data Insight
- Configuring NetApp file server monitoring
- Configuring clustered NetApp file server monitoring
- About configuring secure communication between Data Insight and cluster-mode NetApp devices
- Configuring EMC Celerra or VNX monitoring
- Configuring EMC Isilon monitoring
- Configuring Hitachi NAS file server monitoring
- Configuring Windows File Server monitoring
- Configuring Veritas File System (VxFS) file server monitoring
- Configuring monitoring of a generic device
- Managing file servers
- Adding filers
- Adding shares
- Renaming storage devices
- Configuring NetApp file server monitoring
- Section IV. Configuring SharePoint data sources
- Configuring monitoring of SharePoint web applications
- About the Data Insight web service for SharePoint
- Adding web applications
- Adding site collections
- Configuring monitoring of SharePoint Online accounts
- About SharePoint Online account monitoring
- Adding SharePoint Online accounts
- Adding site collections to SharePoint Online accounts
- Configuring monitoring of SharePoint web applications
- Section V. Configuring cloud data sources
- Section VI. Configuring ECM data sources
- Section VII. Health and monitoring
- Section VIII. Alerts and policies
- Section IX. Remediation
- Section X. Reference
- Appendix A. Backing up and restoring data
- Appendix B. Data Insight health checks
- Appendix C. Command File Reference
- Appendix D. Data Insight jobs
- Appendix E. Troubleshooting
- Troubleshooting FPolicy issues on NetApp devices
About configuring OneDrive monitoring
Data Insight monitors Microsoft OneDrive cloud accounts to provide information about who owns the data, who is performing activity on the data, and what data should it be archived or deleted. OneDrive uses the Open Authorization 2 (OAuth2) protocol to permit access to a third-party application.
Data Insight scans the OneDrive account for metadata such as path of the file or folder, created by, modified by, modified date, and also fetches audit events for the OneDrive user accounts. Note that Data Insight does not fetch permissions for OneDrive accounts.
In the Data Insight configuration, the OneDrive tenant account (your organization's OneDrive account) corresponds to a file server and the individual user accounts correspond to shares on a filer. To scan the OneDrive tenant account and the underlying user accounts, Data Insight uses the access token provided by the OneDrive app. To get the access token from the app, you must provide the credentials of an Office 365 global administrator privileges on the redirect URL page.
Before you configure OneDrive monitoring in Data Insight, complete the following prerequisites:
Create an app and register it with Microsoft to enable communication between Data Insight and the OneDrive account.
See Registering Data Insight with Microsoft to enable OneDrive account monitoring.
Enable auditing in Office 365 Admin Center.
To enable auditing, in Office 365 Admin Center navigate to
> > . Click .Note that it takes 24 hours for the audit logs to start appearing on the Audit log search page.
Create a role with View-only audit log privilege. This user credentials are used by Data Insight to collect OneDrive audit logs.
Do the following:
In the Office 365 Admin Center, navigate to
> .Note:
Only an Office 365 Global administrator can log in to the Security and Compliance view.
Provide View-Only Audit Logs privilege to the role , and add the user with role SharePoint administrator role to newly-created role.
In the Office 365 Admin Center, navigate to
> >Ensure that you use the same user credentials with role as SharePoint administrator.
For more information, see https://support.office.com/en-us/article/Turn-off-audit-log-search-in-Office-365.
On the Windows Server, ensure that the execution policy is set to RemoteSigned. This permits running of PowerShell scripts for device discovery and audit data collection. To configure the policy, start Windows PowerShell as administrator, and run the following commands:
To view the configured execution policy:
Get-ExecutionP
olicy
To configure the execution policy to RemoteSigned:
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine
The SharePoint Online Management PowerShell installer is installed on the machine with the role as Collector. You can download the installable from the following location:
https://www.microsoft.com/en-in/download/details.aspx?id=35588
The SharePoint Online Client Components SDK is installed on the Collector. You can download the installable from the following location:
https://www.microsoft.com/en-in/download/details.aspx?id=42038
The DataInsightOneDrive service is configured and running on the Collector node. This service is responsible for collecting metadata the audit events for OneDrive accounts.
The following Data Insight limitations apply when monitoring OneDrive accounts:
The ability to add OneDrive tenant accounts and user accounts in bulk using CSV is not supported.
Data Insight does not fetch permissions for OneDrive accounts. The
> > tab will be disabled for OneDrive paths (share equivalent and folders).For this reason, you will also not be able to select configured OneDrive paths when creating Permissions reports and Entitlement Review workflows.
Scan and audit exclude rules are not supported.
Scan errors are not reported on the Scanning dashboard for OneDrive scan failures. However, the onedrive_connector_service and commd logs will contain information about these errors and exceptions.
You cannot create Data Loss Prevention (DLP) Incident Remediation workflows and the Records Classification workflows for OneDrive paths.
Archive and classify actions for OneDrive paths from the
and tabs are not supported.The pause window in the scan schedule does not apply when scanning cloud data sources. On the Settings > Scan Status page, the ability to pause or cancel an in-progress scan job is not available.
Certain audit events such as folder create, folder modified, and folder copies are not fetched for OneDrive accounts. This limitation is observed because Microsoft Office 365 does not support these event types.