Veritas Data Insight Administrator's Guide

Last Published:
Product(s): Data Insight (6.6)
Platform: Windows
  1. Section I. Getting started
    1. Introduction to Veritas Data Insight administration
      1. About Veritas Data Insight administration
        1.  
          Operation icons on the Management Console
        2.  
          Data Insight administration tasks
    2. Configuring Data Insight global settings
      1.  
        About Data Insight licensing
      2.  
        Configuring SMTP server settings
      3. About scanning and event monitoring
        1. Configuring scanning and event monitoring
          1.  
            Considerations for running a parallel scan
      4. About filtering certain accounts, IP addresses, and paths
        1.  
          About exclude rules for access events
        2.  
          About exclude rules for Scanner
        3. Adding exclude rules to Data Insight
          1.  
            Add/Edit Exclude rule for access events options
          2.  
            Add/Edit Exclude rule for Scanner options
      5. About archiving data
        1.  
          About purging data
        2.  
          Configuring data retention settings
      6. About Data Insight integration with Symantec Data Loss Prevention (DLP)
        1.  
          About configuring Data Insight to integrate with Data Loss Prevention (DLP)
        2.  
          Configuring Symantec Data Loss Prevention settings
        3.  
          Importing SSL certificate from the DLP Enforce Server to Data Insight Management Server
        4.  
          About Symantec Data Loss Prevention (DLP) integration with Data Insight
      7.  
        Importing sensitive files information through CSV
      8. Configuring advanced analytics
        1.  
          Choosing custom attributes for advanced analytics
      9. About open shares
        1.  
          Configuring an open share policy
      10. About user risk score
        1.  
          User risk weight configuration
      11.  
        Configuring file groups
      12.  
        Configuring Workspace data owner policy
      13.  
        Configuring Management Console settings
      14. About bulk assignment of custodians
        1.  
          Assigning custodians in bulk using a CSV file
        2.  
          Assigning custodians based on data ownership
      15.  
        Configuring Watchlist settings
      16. Configuring Metadata Framework
        1.  
          Using the metadata framework for classification and remediation
      17.  
        Proof of concept
  2. Section II. Configuring Data Insight
    1. Configuring Data Insight product users
      1.  
        About Data Insight users and roles
      2.  
        Reviewing current users and privileges
      3. Adding a user
        1.  
          Add or edit Data Insight user options
      4.  
        Editing users
      5.  
        Deleting users
      6.  
        Configuring authorization for Symantec Data Loss Prevention users
      7.  
        Configuring single sign-on (SSO) using security assertion markup language (SAML)
      8.  
        Disabling single sign-on (SSO)
    2. Configuring Data Insight product servers
      1.  
        About Data Insight product servers
      2.  
        Adding a new Data Insight server
      3.  
        Managing Data Insight product servers
      4.  
        Viewing Data Insight server details
      5. About node templates
        1.  
          Managing node templates
        2.  
          Adding or editing node templates
      6.  
        Adding Portal role to a Data Insight server
      7.  
        Adding Classification Server role to a Data Insight server
      8.  
        Assigning Classification Server to a Collector
      9.  
        Associating a Classification Server pool to a Collector
      10.  
        Viewing in-progress scans
      11.  
        Configuring Data Insight services
      12.  
        Configuring advanced settings
      13.  
        Monitoring Data Insight jobs
      14.  
        Rotating the encryption keys
      15.  
        Viewing Data Insight server statistics
      16. About automated alerts for patches and upgrades
        1.  
          Viewing and installing recommended upgrades and patches
      17.  
        Deploying upgrades and patches remotely
      18.  
        Using the Upload Manager utility
      19.  
        About migrating storage devices across Indexers
      20.  
        Viewing the status of a remote installation
    3. Configuring saved credentials
      1. About saved credentials
        1.  
          Managing saved credentials
      2.  
        Handling changes in account password
      3.  
        Data Insight Hash Utility
    4. Configuring directory service domains
      1.  
        About directory domain scans
      2. Adding a directory service domain to Data Insight
        1.  
          Add/Edit Active Directory options
        2.  
          Add/Edit LDAP domain options
        3.  
          Add/Edit NIS domain options
        4.  
          Add/Edit NIS+ domain options
        5. Add/Edit Azure active directory service
          1.  
            Prerequisites for configuring Azure AD
          2.  
            Registering Data Insight with Microsoft to scan Azure AD
          3.  
            Configuring application without user impersonation for Office 365
          4.  
            Creating an application in the SharePoint Admin Center
      3.  
        Managing directory service domains
      4.  
        Fetching users and groups data from NIS+ scanner
      5.  
        Configuring attributes for advanced analytics
      6.  
        Deleting directory service domains
      7.  
        Scheduling scans
      8.  
        Configuring business unit mappings
      9.  
        Importing additional attributes for users and user groups
    5. Configuring containers
      1.  
        About containers
      2. Adding containers
        1.  
          Add new container/Edit container options
      3.  
        Managing containers
  3. Section III. Configuring native file systems in Data Insight
    1. Configuring NetApp 7-mode file server monitoring
      1.  
        About configuring NetApp file server monitoring
      2.  
        Prerequisites for configuring NetApp file servers
      3.  
        Credentials required for configuring NetApp filers
      4.  
        Credentials required for configuring NetApp NFS filers
      5.  
        Configuring SMB signing
      6.  
        About FPolicy
      7.  
        Preparing Data Insight for FPolicy
      8.  
        Preparing the NetApp filer for Fpolicy
      9.  
        Preparing the NetApp vfiler for Fpolicy
      10.  
        Configuring NetApp audit settings for performance improvement
      11.  
        Preparing a non-administrator domain user on the NetApp filer for Data Insight
      12.  
        Enabling export of NFS shares on a NetApp file server
      13.  
        Excluding volumes on a NetApp file server
      14.  
        Handling NetApp home directories in Data Insight
    2. Configuring clustered NetApp file server monitoring
      1.  
        About configuring a clustered NetApp file server
      2.  
        About configuring FPolicy in Cluster-Mode
      3.  
        Pre-requisites for configuring clustered NetApp file servers
      4.  
        Credentials required for configuring a clustered NetApp file server
      5.  
        Preparing a non-administrator local user on the clustered NetApp filer
      6.  
        Preparing a non-administrator domain user on a NetApp cluster for Data Insight
      7.  
        Preparing Data Insight for FPolicy in NetApp Cluster-Mode
      8.  
        Preparing the ONTAP cluster for FPolicy
      9. About configuring secure communication between Data Insight and cluster-mode NetApp devices
        1.  
          Generating SSL certificates for NetApp cluster-mode authentication
        2.  
          Preparing the NetApp cluster for SSL authentication
      10.  
        Enabling export of NFS shares on a NetApp Cluster-Mode file server
      11.  
        Enabling SSL support for Cluster Mode NetApp auditing
    3. Configuring EMC Celerra or VNX monitoring
      1. About configuring EMC Celerra or VNX filers
        1.  
          About EMC Common Event Enabler (CEE)
        2.  
          Preparing the EMC filer for CEPA
        3.  
          Preparing Data Insight to receive event notification
      2.  
        Credentials required for configuring EMC Celerra filers
    4. Configuring EMC Isilon monitoring
      1.  
        About configuring EMC Isilon filers
      2.  
        Prerequisites for configuration of Isilon or Unity VSA file server monitoring
      3.  
        Credentials required for configuring an EMC Isilon cluster
      4.  
        Configuring audit settings on EMC Isilon cluster using OneFS GUI console
      5.  
        Configuring audit settings on EMC Isilon cluster using the OneFS CLI
      6.  
        Configuring Isilon audit settings for performance improvement
      7.  
        Preparing Veritas Data Insight to receive event notifications from an EMC Isilon or Unity VSA cluster
      8.  
        Creating a non-administrator user for an EMC Isilon cluster
      9.  
        Utilizing access zone's SmartConnect Zone/Alias mappings
      10.  
        Purging the audit logs in an Isilon filer
    5. Configuring EMC Unity VSA file servers
      1.  
        About configuring Dell EMC Unity storage platform
      2.  
        Credentials required for configuring an EMC Unity VSA file server
      3.  
        Configuring audit settings on EMC Unity cluster using Unisphere VSA Unity console
    6. Configuring Hitachi NAS file server monitoring
      1.  
        About configuring Hitachi NAS
      2.  
        Credentials required for configuring a Hitachi NAS EVS
      3.  
        Creating a domain user on a Hitachi NAS file server for Data Insight
      4.  
        Preparing a Hitachi NAS file server for file system auditing
      5.  
        Advanced configuration parameters for Hitachi NAS
    7. Configuring Windows File Server monitoring
      1.  
        About configuring Windows file server monitoring
      2.  
        Credentials required for configuring Windows File Servers
      3.  
        Using the installcli.exe utility to configure multiple Windows file servers
      4.  
        Upgrading the Windows File Server agent
    8. Configuring Veritas File System (VxFS) file server monitoring
      1.  
        About configuring Veritas File System (VxFS) file servers
      2.  
        Credentials required for configuring Veritas File System (VxFS) servers
      3.  
        Enabling export of UNIX/Linux NFS shares on VxFS filers
    9. Configuring monitoring of a generic device
      1.  
        About configuring a generic device
      2.  
        Credentials required for scanning a generic device
    10. Managing file servers
      1.  
        About configuring filers
      2.  
        Viewing configured filers
      3. Adding filers
        1.  
          Add/Edit NetApp filer options
        2.  
          Add/Edit NetApp cluster file server options
        3.  
          Add/Edit EMC Celerra filer options
        4.  
          Add/Edit EMC Isilon file server options
        5.  
          Add/Edit EMC Unity VSA file server options
        6.  
          Add/Edit Windows File Server options
        7.  
          Add/Edit Veritas File System server options
        8.  
          Add/Edit a generic storage device options
        9.  
          Add/Edit Hitachi NAS file server options
      4.  
        Custom schedule options
      5.  
        Editing filer configuration
      6.  
        Deleting filers
      7.  
        Viewing performance statistics for file servers
      8.  
        About disabled shares
      9. Adding shares
        1.  
          Add New Share/Edit Share options
      10.  
        Managing shares
      11.  
        Editing share configuration
      12.  
        Deleting shares
      13.  
        About configuring a DFS target
      14.  
        Adding a configuration attribute for devices
      15.  
        Configuring a DFS target
      16.  
        About the DFS utility
      17.  
        Running the DFS utility
      18.  
        Importing DFS mapping
    11. Renaming storage devices
      1.  
        About renaming a storage device
      2.  
        Viewing the device rename status
      3.  
        Considerations for renaming a storage device
  4. Section IV. Configuring SharePoint data sources
    1. Configuring monitoring of SharePoint web applications
      1.  
        About SharePoint server monitoring
      2.  
        Credentials required for configuring SharePoint servers
      3.  
        Configuring a web application policy
      4. About the Data Insight web service for SharePoint
        1.  
          Installing the Data Insight web service for SharePoint
      5.  
        Viewing configured SharePoint data sources
      6. Adding web applications
        1.  
          Add/Edit web application options
      7.  
        Editing web applications
      8.  
        Deleting web applications
      9. Adding site collections
        1.  
          Add/Edit site collection options
      10.  
        Managing site collections
      11.  
        Removing a configured web application
    2. Configuring monitoring of SharePoint Online accounts
      1. About SharePoint Online account monitoring
        1.  
          Prerequisites for configuring SharePoint Online account
      2.  
        Registering Data Insight with Microsoft to enable SharePoint Online account monitoring
      3.  
        Configuring application without user impersonation for Office 365
      4.  
        Creating an application in the SharePoint Admin Center
      5.  
        Configuring an administrator account for Data Insight
      6. Adding SharePoint Online accounts
        1.  
          Add/Edit SharePoint Online account options
      7.  
        Managing a SharePoint Online account
      8. Adding site collections to SharePoint Online accounts
        1.  
          Add/Edit site collection options
      9.  
        Managing site collections
  5. Section V. Configuring cloud data sources
    1. Configuring monitoring of Box accounts
      1.  
        About configuring Box monitoring
      2.  
        Using a co-admin account to monitor Box resources
      3. Configuring monitoring of cloud sources in Data Insight
        1.  
          Add/Edit Box account
      4.  
        Configuring Box cloud resources through proxy server
      5.  
        Data Insight limitations for Box permissions
    2. Configuring OneDrive account monitoring
      1.  
        About configuring OneDrive monitoring
      2.  
        Registering Data Insight with Microsoft to enable OneDrive account monitoring
      3.  
        Configuring application without user impersonation for Office 365
      4.  
        Creating an application in the SharePoint Admin Center
      5.  
        Add/Edit OneDrive account
      6. Adding OneDrive user accounts
        1.  
          Add/edit OneDrive user accounts
    3. Managing cloud sources
      1.  
        Viewing configured cloud sources
      2.  
        Managing cloud sources
  6. Section VI. Configuring Object Storage Sources
    1. Amazon S3
      1.  
        About Amazon Simple Storage Service (Amazon S3)
      2.  
        Configuring Amazon S3 account monitoring
      3.  
        Configuring Audit Events in AWS
      4.  
        Creating an Athena table
      5.  
        Adding Amazon S3 account
      6.  
        Limitations for Amazon S3 in Data Insight
      7. Managing Amazon S3 data source
        1.  
          Monitored Buckets
        2.  
          Classification
  7. Section VII. Health and monitoring
    1. Using Veritas Data Insight dashboards
      1.  
        Viewing the system health overview
      2.  
        Viewing the scanning overview
      3.  
        Viewing the scan status of storage devices
      4.  
        Viewing the scan history of storage devices
    2. Monitoring Data Insight
      1.  
        Viewing events
      2.  
        About high availability notifications
      3.  
        Monitoring the performance of Data Insight servers
      4.  
        Configuring email notifications
      5.  
        Enabling Windows event logging
      6.  
        Viewing scan errors
  8. Section VIII. Alerts and policies
    1. Configuring policies
      1.  
        About Data Insight policies
      2. Managing policies
        1.  
          Create Data Activity Trigger policy options
        2.  
          Create User Activity Deviation policy options
        3.  
          Create Real-time Permitted User-based Activity Policy options
        4.  
          Create Real-time Restricted User-based Activity Policy options
        5.  
          Create Real-time Sensitive Data Activity policy options
      3.  
        Managing alerts
  9. Section IX. Remediation
    1. Configuring remediation settings
      1. About configuring permission remediation
        1.  
          Managing and configuring permission remediation
        2.  
          Configuring exclusions for permission recommendation
      2.  
        About managing data
      3.  
        About deleting files
      4. About configuring archive options for Enterprise Vault
        1.  
          Adding new Enterprise Vault servers
        2.  
          Managing Enterprise Vault servers
        3.  
          Mapping file server host names
      5. Setting Microsoft Purview Information Protection (MIP) Label
        1.  
          Creating Minimum Privilege Account Role in Compliance Center
      6.  
        Using custom scripts to manage data
      7.  
        Viewing and managing the status of an operation
  10. Section X. Reference
    1. Appendix A.  Data Insight best practices
      1.  
        Understanding Data Insight best practices
    2. Appendix B.  Migrating Data Insight components
      1.  
        Migrating Data Insight components
    3. Appendix C. Backing up and restoring data
      1.  
        Selecting the backup and restore order
      2.  
        Backing up and restoring the Data Insight Management Server
      3.  
        Backing up and restoring the Indexer node
      4.  
        Understanding Data Insight best practices
    4. Appendix D. Data Insight health checks
      1. About Data Insight health checks
        1.  
          Services checks
        2.  
          Deployment details checks
        3.  
          Generic checks
        4.  
          Data Insight Management Server checks
        5.  
          Data Insight Indexer checks
        6.  
          Data Insight Collector checks
        7.  
          Data Insight Windows File Server checks
        8.  
          Data Insight SharePoint checks
        9.  
          Classification server health checks
        10.  
          Data Insight self service portal server health checks
    5. Appendix E. Command File Reference
      1.  
        fg.exe
      2.  
        indexcli.exe
      3.  
        reportcli.exe
      4.  
        scancli.exe
      5.  
        installcli.exe
    6. Appendix F. Data Insight jobs
      1.  
        Scheduled Data Insight jobs
    7. Appendix G. Troubleshooting
      1.  
        About general troubleshooting procedures
      2.  
        About the Health Audit report
      3.  
        Location of Data Insight logs
      4.  
        Downloading Data Insight logs
      5.  
        Migrating the data directory to a new location
      6. Troubleshooting FPolicy issues on NetApp devices
        1.  
          Viewing FPolicy-related errors and warnings
        2.  
          Resolving FPolicy connection issues
      7.  
        Troubleshooting EMC Celera or VNX configuration issues
      8.  
        Troubleshooting EMC Isilon configuration issues
      9.  
        Troubleshooting SharePoint configuration issues
      10.  
        Troubleshooting Hitachi NAS configuration issues
      11.  
        Troubleshooting installation of Tesseract software

Configuring application without user impersonation for Office 365

Setting DisableCustomAppAuthentication property for the tenant

To set the property DisableCustomAppAuthentication,

  1. Install Module Pnp.Powershell using command in PowerShell Install-Module -Name PnP.PowerShell
  2. Run the command Register-PnPManagementShellAccess and provide credentials of Global Administrator Account

    Note:

    This step is done to provide PnP PowerShell Authentication with Service Principal. If we do not do this then we will get error : Connect-PnPOnline : AADSTS65001: The user or administrator has not consented to use the application with ID'31359c7f-bd7e-475c-86db-fdb8c937548e' named 'PnP Management Shell'. Send an interactive authorization request for this user and resource

  3. Copy the following script in Notepad and save it as DisableCustomAppAuthentication.ps1 file.
    param (
	[parameter(Mandatory=$true)]
    [string]$Organization)

Import-Module PnP.PowerShell
$url = 'https://'+$Organization+'-admin.sharepoint.com'
Write-Output $url
$userCredential = Get-Credential
Connect-PnPOnline -Url $url -Credential $userCredential
get-PnPTenant
Set-PnPTenant -DisableCustomAppAuthentication $false

    Note:

    Application permissions scope will be used instead of Delegated permissions scope for authentication and authorization. Custom app authentication is disabled by default.

    If DisableCustomAppAuthentication is set to false, Custom app authentication is enabled.

  4. Run the script using .\DisableCustomAppAuthentication.ps1
  5. When prompted, provide organization name.
  6. In the Windows Powershell Credential Request pop up, provide Global Administrator credentials and click Ok
  7. In the list of output, verify if the CustomAppAuthentication property is set to False.

After configuring application, you need to add the created application to the lookup

To add created application to the lookup,

  1. Copy the Client ID of the app created in the Azure portal App
  2. Navigate to https://<organization-name>-admin.sharepoint.com/_layouts/15/appinv.aspx
  3. Paste the Client ID copied from the Azure portal App in the App Id field
  4. Click Lookup
  5. Add localhost.com in the App Domain field
  6. Add https://localhost.com/default.aspx in the Redirect URL field
  7. Add following XML in the App's Permission Request XML
    <AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/tenant"
    Right="FullControl"/>
    </AppPermissionRequests>
  8. Click Create
  9. Click Trust It

You will be redirected to the SharePoint admin center.

Configuring an administrator account for Data Insight

Data Insight uses a Global administrator account to discover the site collections and scan metadata and a SharePoint administrator account to fetch the access events from the configured SharePoint Online account. Global administrator accounts must have full control over the site collections that you want Data Insight to monitor. You must configure the Global administrator, as owner for team site collections, on the Office 365 interface and assign the administrative privileges for the target site collections.

Note:

Please procure Data Insight Plus Cloud Storage license to monitor cloud storage resources. Reach out to your contact in Veritas for procuring the same.

To add a SharePoint administrator

  1. Log on to Office 365 using the Global admin credentials.
  2. On the SharePoint admin center page, click Users > Active users > Add a user.

    The New User pop-up windows opens.

  3. Enter the name of the user and other properties as appropriate.
  4. In the Roles section, select Customized administrator > SharePoint administrator.
  5. Click Add.

The SharePoint administrator account collects metadata about site collection content , and gathers audit data from SQL Server databases for SharePoint when it is assigned administrative privileges for the target site collections. It must also have full control permissions on the configured site collections and the site collections that are incrementally included to the SharePoint account. For team site collections, the SharePoint administrator should be an owner.

The Minimum Privilege user has access to all features in the Admin center and can perform all tasks in the Office 365 Admin center.

To assign owners for team site collections

  1. On the SharePoint admin center page, go to Groups > Groups, and select the Group Name to which you want to assign owners.
  2. In the Group details pane on the right-hand-side, click Edit for the Owners entry.
  3. In the Edit pane, click Add owner and select a user having Minimum Privilege user credentials.
  4. Click Save.

Adding SharePoint Online accounts

Data Insight discovers and scans the data residing in the SharePoint Online accounts that are configured on the Management Console.

Note:

Data Insight disables addition of SharePoint Online accounts if you do not have a valid cloud license or if your license has expired. Also, Data Insight will not discover new accounts that have been added after the expiry of the license.

To add a SharePoint Online account

  1. In the Console, click Settings > SharePoint Sources.

    The SharePoint page displays the list of configured web applications and Online accounts.

  2. Click Add SharePoint Source > SharePoint Online Account.
  3. On the Add New SharePoint Online Account page, specify the URL of the account you want to add and enter the properties.
  4. Click Save.

Note:

For verification of the permission for the newly added SharePoint account, wait till the account's next incremental or full scan, triggered after Local User Scan. By default, LocalUserScanJob runs at 12.30a.m every day on the Collector node. You can manually run the job by navigating to Settings >> Data Insight Servers >> Server >> Jobs >> Select LocalUserScanJob >> Actions >> Run

Add/Edit SharePoint Online account options

Use this dialog box to add a new SharePoint Online account to Veritas Data Insight or to edit the configuration of an existing account.

Table: Add/Edit SharePoint Online account options

Field

Description

SharePoint Online Account URL

Enter the URL of the SharePoint Online URL that you want Data Insight to monitor. For example, https://myaccount.sharepoint.com

Collector

Do the following:

  1. Click Select Collector.

    The Select Collector pop-up displays the configured Collectors that are available for selection.

  2. Review the performance parameters such as disk and CPU utilization and backlog of files accumulating on the configured nodes. It is recommended that you assign a node on which the resource utilization is low.

  3. Click Select to assign the Collector to the filer.

Data Insight connects to the SharePoint server from the Collector node. It is recommended to choose the Collector worker node that is close in proximity to the SharePoint Online account server.

Indexer

Do the following:

  1. Click Select Indexer.

    The Select Indexer pop-up displays the configured indexers that are available for selection.

  2. Review the performance parameters such as disk and CPU utilization and backlog of files accumulating on the configured nodes. You can also view the number of devices, shares or site collections assigned to each configured node. It is recommended that you assign a node on which the resource utilization is low.

  3. Click Select to assign the Indexer to the filer.

Events and metadata that are collected from the site collections are processed and stored on the Indexer node.

Client ID

Client Secret Key

Tenant ID

The client ID is the unique application ID assigned when you create and register an app with Microsoft. You can add up to 5 client IDs.

Client Secret Key: In the SharePoint App, navigate to the Certificates & secrets page. There is a code in the Value column under the Client secret section. You need to use that code as a Client Secret Key while configuring a SharePoint account in Data Insight.

Tenant ID: This is an unique ID assigned to an organization

If you have missed copying the code, go back to the Certificates & secrets page in the SharePoint app and click + New client secret. Copy the code in the Value column and use it as a Client Secret Key in Data Insight.

You can add up to 5 client secret keys. Follow the procedure described in the following topic to get these details:

Note:

Microsoft servers might briefly block certain client credentials for initiating frequent requests. In such scenarios, Data Insight fails to retrieve data from the Microsoft servers. To eliminate such delay, you can add up to 5 client credentials to the SharePoint Online account. If one client credential is blocked by Microsoft, another client credential will be used to fetch data.

Add one client ID, Client Secret Key, authorize the app and click Add More Apps to add another set of client credentials.

Authorize access

Do the following:

  1. Click Authorize. This invokes the application authorized to access the SharePoint Online account.

    Note:

    Ensure that you use the credentials of a Office 365 user with Microsoft Global administrator role for authorizing Data Insight.

    This step creates an authorization token that is stored as a named credential in the Data Insight configuration. You will be redirected to the Data Insight console to complete the rest of the configuration.

  2. Data Insight can now access the user, folder and file metadata and the information about the activities performed on these files and folders.

Note:

After authorization, do not update the same set of client and secret key.

Automatically discover and add site collections in this SharePoint Online account

This check box is selected by default. This option allows you to automatically include all site collections in the selected SharePoint Online account for the purpose of monitoring.

Clear the check box to add site collections manually. You can do this from the SharePoint Online account details page.

Discovery of site collections takes place as soon as you add a SharePoint Online account and then twice each day at 2:00 A.M. and 2:00 P.M.

Exclude following site collections from discovery

Enter the details of the site collections which should not be included during discovery.

This option is available when you select Automatically discover and add site collections in the added SharePoint Online Accounts. Specify comma separated patterns that you want to ignore. Patterns can have 0 or more wildcard * characters.

For example, https://onlineaccount1/sites/test* ignores site collections https://onlineaccount1/sites/testsite1 and https://onlineaccount1/sites/testsite2.

Monitor SharePoint accesses to this SharePoint Online account

By default, Microsoft SharePoint Online Event Monitoring is enabled. If disabled, select this check box to enable event monitoring on the SharePoint Online account. You must manually enable auditing in the Office 365 Admin Center to enable Data Insight to collect audit logs for the SharePoint Online account.

Enable Scanning for this SharePoint Online account

Select the check box to enable SharePoint Online account scanning according to the specified schedule.

Scanning schedule (for full scans)

Select one of the following to define a scanning schedule for the SharePoint Online account:

  • Use the Collector's scanning schedule.

  • Define custom schedule.

    From the drop-down, select the appropriate frequency.

Veritas Data Insight periodically scans site collections to obtain file metadata. Each Collector worker node by default initiates a full scan of the SharePoint device at 11:00 P.M. each night.

Note:

You can also customize the schedule for each site collection using the Add/Edit Site Collection dialog box.

Scan newly added site collections immediately

Select this option to scan newly added site collections immediately instead of waiting for the regular scan schedule. Scanning will still proceed only when scanning is permitted on the Collector node.

Fetch Microsoft Labels

Check the box if you want to fetch Azure Information Protection (AIP) and Microsoft Sensitive labels for this SharePoint Online account. AIP label is a functionality that enables organizations to classify documents and emails in Office 365.