Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
What is an Agent?What is a Policy?Working with Agents - OverviewWorking with Policies - OverviewHow to Assign a PolicyHow to Bulk Assign a PolicyHow to Assign Tags to an AgentHow to Remove an AgentHow to Bulk Assign Watcher PolicyHow to Work with Activity Watcher Policies
How to Create a Policy
How to Create a New Policy Using the WizardHow to Create a Policy Using the Wizard - Agent Operations - Advanced OptionsHow to Create a Policy Using the Wizard - Additional SettingsHow to Create a Policy Using the Wizard - Additional Settings - Advanced OptionsHow to Create a Policy Using the Wizard - Local Reporting OptionsHow to Create a Policy Using the Wizard - Local Logging OptionsHow to Create a Policy Using the Wizard - Local Logging - Advanced Options
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
Additional Resources
Reports
Reporting API
Customer Support Articles

How to Create a Policy Using the Wizard - Agent Operations - Advanced Options

This topic describes how to use the Create Policy settings on the Agent Operations - Advanced Options page. The settings here control the computer name format to report to the Spirion console, how a file is deleted, location of temporary files and how they are deleted, the number of passes to use when Shredding files, the configuration file used to override system settings, whether to save error reports when the dialog is closed, whether to compress data for Agent communication. How to report an error report dialog is configured here.

After completing the Agent Operations page of the Create Policy wizard, click the Next button to proceed to the Agent Operations - Advanced Options page to input more detailed options.

Agent Operations - Advanced Options

Use the table below to help you complete the Agent Operations - Advanced Options page.

  1. Select the blue Advanced Options button to access these settings.

The settings here control the computer name format to report to the Spirion console, how a file is deleted, location of temporary files and how they are deleted, the number of passes to use when Shredding files, the configuration file used to override system settings, whether to save error reports when the dialog is closed, whether to compress data for Agent communication. How to report an error report dialog is configured here.

Setting Name

Options

Description

Enable Startup Check

  • Disable
  • Enable (Default)

Enable the console to verify the endpoint performs at startup.

  • By default, when an agent is configured to communicate with the console, it performs a number of checks on startup to ensure proper configuration and communication.
  • These checks are helpful when troubleshooting issues between the agent and the console as they log relevant information in the local agent log.

Use FQDN

  • Use Host/NetBIOS name (Default)
  • Use FQDN
  • Use Computer Name

The computer name format reported to the Spirion Console.

  • Use Host/NetBIOS name (Default)
    • Windows agents report their NetBIOS name to the console
    • Mac agents report their hostname (the output of "hostname -s").
  • Use FQDN
    • Windows and Mac agents report their Fully Qualified Domain Name
    • (on Mac OS, this is the output of "hostname").
  • Use Computer Name
    • For Mac agents, an additional option is also available, "Use Computer Name":
    • This uses the computer name as displayed in the System Preferences.

Location Shred Intensity

  • Delete Only
  • Fast Shred
  • Intense Shred (DOD)

Controls how a file is deleted when a location is remediated using shred to prevent the deleted file from being recovered.

  • Delete Only - This option deletes the Location (File) and does not take any additional action.
    • This is the most performant option, but the file is likely still recoverable.
  • Fast Shred - This option deletes the Location (File) and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.
  • Intense Shred (DOD) - This option deletes the Location (File) and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

Temp File Shred Intensity

  • Delete Only
  • Fast Shred
  • Intense Shred (DOD)

Controls how temporary files are deleted when removing temporary files created during a search.

  • Delete Only - This option deletes the Temporary files and does not take any additional action.
    • This is the most performant option, but the file is likely still recoverable.
  • Fast Shred - This option deletes the Temporary files and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.
  • Intense Shred (DOD) - This option deletes the Temporary files and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

Shred Passes (Intense Shred only)

  • 1 through 7 (1/2/3/4/5/6/7)

The number of passes to use when Shredding files:

  • Valid values: 1-7
  • By default, the endpoint application uses a 3-pass wipe for shred
  • Increase or decrease this value depending on your requirements

Temp File Location

  • No value
  • Windows file path (such as C:\Temp\AgentTempFiles)

The Agent operation uses the Temp File Location, but only if it has an assigned value.

  • The file location must have a Windows file path
  • File location cannot be a mapped network drive

Cloud Remediation (Previous File Versions):

  • Keep previous version (0)
  • Delete previous version (1) (Default)

By default, the version/revision of the file located in the cloud storage that was searched is deleted after an action is performed.

  • For example, classifying a file in cloud storage creates a new revision of the file and the previous one is deleted.
  • To preserve the previous revision, set this to "Keep previous version".
  • Note: This setting applies only to Box as not all cloud storage providers provide a method to delete the previous version.

Allow Configuration File to Override System Setting

  • Disable
  • Enable

Enable (or prevent) settings in a configuration file to override system settings.

  • System settings, such as HKLM, are authoritative sources.
  • To prevent users from creating a configuration file to circumvent those settings, settings are only read from configuration files if they do not exist as a system setting.
  • Enable - Enable settings in configuration files to override system settings.
  • Disable - Prevent settings in configuration files from overriding system settings
  • Note: This value can only be set as a system setting, such as HKLM - it cannot be specified in a configuration file itself.

Target Watcher User Selection*

  • Always prompt (Default)
  • Always search
  • Disable

The end user's service behavior selection.

* This is a Sensitive Data Watcher (File and Email Watcher) setting only.

Search API Plugins Path (version 13.5 and later)

  • Disable (Default)
  • Enable Plugins

Full path to custom search plug-ins.

  • Disable - Default setting. Disables custom search plug-ins.
  • Enable Plugins - Enables custom search plug-ins. Enter the path to the directory which contains the plug-ins.
    • Example path: C:\spirion\CustomSearchPlugins

Disable Integration

  • Allow Classification via Add-ins (0) (Default)
  • Prevent Classification via Add-ins (1)

Specify whether classifications are editable via integration add-ins.

  • Allow Classification via Add-ins - By default, classifications can be viewed and edited through the integration add-ins (Outlook, Office, Adobe, Shell).
  • Prevent Classification via Add-ins - Prevent users from modifying classifications using add-ins (Outlook, Office, Adobe, Shell).
  • With a value of "Prevent Classification via Add-ins" (1), the integration add-in usage is described below:
    • Shell: Icon overlays are visible. Classification context menu and properties tab are viewable but disabled for editing.
    • Adobe: Classification dialog is viewable but items are disabled. There is no OK button to save changes.
    • Outlook: Classification pane is displayed. Ribbon button is disabled.
    • Office: Classification pane is displayed. Ribbon button is disabled.

Auto Save On Close

  • Require user to manually save error report (Default)
  • Automatically save error report on close

Automatically save error reports when the dialog is closed.

  • By default, when an error report dialog is displayed, a user can use the Save button to save a copy of the error report for submission to the Support Team.
  • If the dialog is closed without saving, the error report is gone and cannot be retrieved.
  • To disable the Preview and Save button in the error report dialog and automatically save the error report to disk when the dialog is dismissed, set this to "Automatically save error report on close" (1).

Window Body

  • No Value (Default)
  • Custom text, entered by user

The text to display in the body of an error report dialog.

  • To customize the text displayed in an error report dialog, for example to specify that error reports should be e-mailed to an internal IT address, specify the desired text.
  • By default (and when this setting is left blank), the default text is displayed in the error report dialog instructing users to save the error report and send it to the Support Team.

Window Header

  • No Value (Default)
  • Custom text, entered by user

The text to display in the header of an error report dialog window.

  • To customize the text displayed in the header of an error report dialog (this is the text at the top of the dialog body next to the icon, not the window title), specify the desired text.
  • By default (and when this setting is blank), the default text is displayed in the error report dialog indicating that the software has encountered an error and could not continue.

Log Capture Window

  • 30 (Days) (Default)
  • Increase default value to include additional, older logs

The number of days of logs to include when using the Gather Data function

  • When performing a Gather Data to obtain diagnostic information to assist with troubleshooting, log files from the most recent 30 days are automatically included, subject to the setting Max Data Gathering Size.
  • To include additional, older logs, increase this value.
  • Default: 30 days

Max Data Gathering Size

  • 0 (Default)
  • Enter a size - in MB - you desire

The maximum size - in MB - of the output of the Gather Data function.

  • By default, the size of the output of the Gather Data function is not limited.
  • When performing troubleshooting, there may be limits on the size of Gather Data that can be shared with the Support Team.
  • If it is necessary to limit the maximum size of the Gather Data function, set this value to that maximum size and logs are automatically removed until the Gather Data size is smaller than the specified maximum.
  • Any logs removed are listed in the Missing Logs text file in the Gather Data.
  • Default: 0

Results Storage Mode

  • Memory Mode
  • On-disk database

Specify how Spirion stores results during a search.

  • By default, the agent application holds all results in memory during a search.
  • To force the client to use an on-disk database, set this value to "On-disk database".
  • When using on-disk database mode, the results appear in a flat report without the parent/child hierarchy.

Results Compression

  • Enabled (default)
  • Disabled
  • Enabled - Instructs Agent to compress data for Agent communication.
  • Disabled - Agent does not compress data for Agent communication.

Plugins (all versions pre-13.5)

  • Disable (Default)
  • Enable Plugins

Full path to custom search plug-ins.

  • Disable - Default setting. Disables custom search plug-ins.
  • Enable Plugins - Enables custom search plug-ins. Enter the path to the directory which contains the plug-ins.
    • Example path: C:\spirion\CustomSearchPlugins


Was this article helpful?

Powered by Product Fruits