Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
How to Use Scans
Scans OverviewHow to Work with ScansScan OptionsHow to Create a New Discovery or Sensitive Data ScanHow to Use the Ignore List (Ignored Locations or Ignored Matches)How to Schedule a ScanHow to Search DropboxHow to Search Google Workspace: Gmail, DriveHow to Search a File Server (Remote Search)How To Search a Snowflake DatabaseHow to Search Mongo DatabasesHow to Search OneDrive for BusinessHow To Search Exchange O365 E-mail with Modern AuthenticationHow to Search an IBM Informix DatabaseHow to Configure and Test Database Connection StringsWhat is Differential Scanning and What is it Used for?What is a Distributed Scan?
How to Use Scan Playbooks
How to Use Scan Results
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
Additional Resources
Reports
Reporting API
Customer Support Articles

How to Create a New Discovery or Sensitive Data Scan

Sensitive Data Scans enable you to search for specific data types (social security numbers, telephone numbers, etc.) within files and folders at different locations (and take actions on them based on the playbook rule defined for them).

Overview

What is a Sensitive Data Scan?

Spirion Sensitive Data Platform searches or "scans" your environment for personally identifiable or sensitive data using applications called Agents.

  • Scans are the searches that agents perform on endpoints (targets) such as laptops, desktops, servers, databases, cloud locations, etc. to find either the file locations (Discovery Scan) or find specific data types (Sensitive Data Scan) within the files and folders
  • Sensitive Data Scans enable you to search for specific data types (social security numbers, telephone numbers, etc.) within files and folders at different locations (and take actions on them based on the playbook rule defined for them).
playbook is a set of rules which define the action(s) to take (redact, quarantine, shred, etc.) when Spirion Sensitive Data Platform discovers sensitive data during a scan of your environment.

For example, a playbook action (after a scan completes) may be to notify specific data found by a scan to a specific department for review and remediation.

What is a Discovery Scan?

  • The purpose of a Discovery scan is to discover the data that is assigned to the scan, but not manipulate the data discovered by the scan.
  • Discovery scans are performed by one or more agents. Multiple Agents are called Discovery Teams. See Spirion Sensitive Data Platform: Architecture, Security, and Data Flow.
  • A Discovery scan is similar to a Sensitive Data scan except that it does not require a Playbook.
  • Discovery scans capture metadata only
  • Note: Do not confuse Discovery scans with Distributed scans. See What is a Distributed Scan?

Differential Scanning Feature

How to Create a New Sensitive Data Scan

Use the following steps to create a new sensitive data scan:

  1. From the left side navigation menu select Scans > All Scans.

  2. The "Scans" page opens.
  3. In the top-right corner of the screen, click the + Add Scan button.
  4. The "Enter a name and description" page opens. Later, you may search for your scan by name, so enter a descriptive Name and Description. Your name might include the type of operating system being scanned - "MAC" for macOS, or Target being scanned such as "SharePoint." Also consider including terms indicating scan type ("local" or "remote") and/or Target type ("website" for website scans) and/or Location type ("Custom" for custom folder list scans). Some users append the date the scan was first created ("_25Nov")

  5. The page Select what type of scan to create opens.
  6. Click the tile Sensitive Data Scan.

  7. Click the Next button.
  8. The Select a Playbook to apply to the scan page opens.
  9. Choose a Scan Playbook from the list.

  10. To search for a specific Playbook, type the name of the Playbook in the search box and then select the search icon.
  11. On the page Select the target type to scan, choose a Target type.

  12. Use the instructions in the following sections to configure each of the unique Target types.

Select the Target to Scan

In the following topics, note that the steps for configuring each Target type (Cloud, Files & Folders, Email, Collaboration Tools, Database, Website) are similar, but each Target type has unique settings not shared by other Target types.

Cloud

Use the following steps to configure a Cloud Target type (such as Amazon S3, Gdrive, Box, etc.).

  1. From the page "Select the target type to scan" click the Cloud tile.

  2. On the Select which cloud service to scan screen, select the desired cloud platform:
    • Dropbox
    • Google Drive
    • Box
    • OneDrive for Business
    • Amazon S3

Files & Folders

Use the following steps to configure a Files & Folder Target type:

  1. From the screen "Select the target type to scan" click the Files & Folder tile.

Select the Target Type Page

This page only appears for "Files & Folders" Target types.

  1. The "Select a target type" page opens.
  2. Select "Local Target" to select a "File & Folder" Target on your local machine or "Remote Target" to select a Target located either on your network or on a cloud source.

  3. NOTE: When scanning Local Targets only local Agents/Targets are listed as available Targets (Agents can act as Targets as the Agent scans the machine it is installed on).
    1. In scans of Local Targets, such as desktop/laptop machines, multiple Agents of the same type (Windows or Legacy/Mac/Linux) but different version (13.1.2, 13.5.0, 13.5.1, etc.) is supported.
    2. Note: Using multiple Agents with different versions is not supported in scans of Remote Targets.
    3. Distributed Scanning - In scans of multiple Local Agent Target machines such as desktops/laptops, with multiple Agents assigned, each Agent, acting as a Target, scans itself. See "What is a Distributed Scan?"

Email

Use the following steps to configure an Email Target type (such as Exchange, Exchange Online, or Gmail):

  1. From the screen "Select the target type to scan" click the Email tile.

  2. Select an email service provider.

Collaboration Tools

Use the following steps to configure a Collaboration Target type (SharePoint, SharePoint Online, or Bitbucket):

  1. From the screen "Select the target type to scan" click the Collaboration Tools tile.

  2. Click the Next button in the bottom right corner to proceed, Previous button to return to the previous screen, or Exit Without Saving button to discard all changes.
  3. On the Select the collaboration tool to scan screen, select one of the following options:
    1. SharePoint | SharePoint Online
    2. Bitbucket

Database

Use the following steps to configure a Database Target type (SQL, Snowflake, Oracle, etc.):

Note: To establish the connection required to scan a database target, the relevant driver must be installed on the agent host system
  1. From the screen "Select the target type to scan" click the Database tile.

  2. On the "Select which database to search" screen, select the type of database you wish to scan.
    • Oracle
    • SQL Server
    • Sybase
    • IBM DB2
    • Informix
    • InterBase
    • SQLBase
    • SAP SQL Anywhere
    • MySQL
    • SQLite
    • PostgreSQL
    • ODBC
    • OLEDB
    • mongoDB
    • Snowflake

Website

Use the following steps to configure a Website Target type:

  1. From the screen "Select the target type to scan" click the Website tile.

  2. Click the Next button in the bottom right corner to proceed, the Previous button to return to the previous screen, or Exit Without Saving button to discard all changes.
  3. Proceed to select the Agents to perform the scan.

Select the Agent to Perform the Scan Screen (All Target Types)

After selecting your Target type, select the Agents to perform the scan.

Note: You cannot employ Agents on machines with different operating systems in the same scan. Windows Agents (v13 and later) cannot be combined with Legacy Agents, MacOS, or Linux Agents (pre-v13) in the same scan. This means you cannot scan Windows and MacOS with the same scan. For the purpose of organization and auditing, we recommend Agents are organized by operating system using the Tag feature and Agent naming conventions such as "Win10-VM," "Win11-Azure," etc.

This step applies to all Target types:

  1. Select the service and the "Select the agent(s) to perform the scan" screen opens.
  2. From the All On-Prem Agents list, choose the agent(s) you want to use.
  3. To expand a section, click the chevron (>) icon.
    Note: Learn more about the icons that appear on this page using the tooltips such as the tooltip next to "All On-Prem Agents."

  4. To select an Agent, or a Tag which contains multiple Agents, click the right-pointing arrow next to the Agent or Tag name. This moves the Agent or Tag (collection of Agents) over to the Selected On-Prem Agents field.

  5. To determine the version of an Agent, hover your mouse pointer over the information icon - the 'i' inside a ciricle.

    Note: Windows Agent versions 13 and greater cannot be combined with Legacy Agents (pre-version 13) to use in the same scan.
    1. If you select more than one version from the list of available the agents, you receive an error message (below) and are prompted to reselect your agents.



      The selected agents or the agents assigned to the selected tags are incompatible. All agents must be the same type. Hover over the warning icons for more information. Press Next to verify updated selections.
    2. To remove an agent from the Selected On-Prem Agents field, click the left-pointing arrow next to an Agent name in that field.

Select the Targets to Scan Screen

After selecting the Agents to perform the scan, select which Targets to scan for sensitive data. This step applies to all Target types:

  1. On the "Select Targets(s) to Scan" page, select one or more Targets to scan.
    1. Expand the section and add a Target.
    2. To add a target, click the right-pointing arrow next to the Target name and move it to the "Selected Targets" field.

    3. To remove a target from the Selected Targets section, click the left-pointing arrow next to the target name and move it back to the All Targets field.


      Note: To create a new Target, see How to View Target Details and Search for a Target.
  3. Click the Next button in the bottom right corner to proceed, the Previous button to return to the previous screen, or Exit Without Saving button to discard all changes.

Select SharePoint Options Screen (SharePoint Targets Only)

After selecting the Targets to scan, select your SharePoint options. This step applies only to SharePoint Target types:

  1. From the "Select SharePoint options" screen, select the SharePoint site content to search:
    1. Documents/Files
    2. Tasks
    3. Calendar
    4. Contacts
    5. Item - A SharePoint item is a single data entry, like a row in a spreadsheet or a record in a database, within a SharePoint list, containing various pieces of information organized into columns (metadata) like text, numbers, or dates, allowing for collaborative data management.

  3. If applicable, click the blue Advanced Options button in the top right corner of the screen to add additional options. (Click the Basic Options button to return to the previous screen).
  4. The "Select advanced SharePoint options" screen appears. Select the options as you desire. Use the tooltips next to each option or see the descriptions in the topic Scan Options.

Select Which User Accounts You Would Like to Scan Screen (Cloud Targets Only)

After you select the agent(s) to perform the scan, select which user accounts to scan. This step applies to Cloud Target types only. For all other Target types, proceed to the topic "How to Select File Type Scan Options," below.

Procedure:

  1. The Select Which User Accounts You Would Like to Scan screen opens.
  2. Your cloud source brand is reflected on this screen. Note, this screen does not display for Amazon S3 cloud services.

    • Search: To search for a User Account, enter the name into the box and click the Search icon or click Enter.
    • Input the User Account to add and press Enter: Enter the user account name and click Enter.
    • Upload Account List: To upload a list of accounts from your local computer, click the upload icon and locate the file on your local computer.
  4. Click the Next button to proceed, the Previous button to return to the previous screen, or the Exit Without Saving buton to discard.

Select File Type Scan Options Screen

Next, you select the file type scan options. This step applies to all Target types.

Procedure:

  1. The Select file type scan options screen appears.
  2. Select the options as you desire. These options are described in the topic Scan Options.

  3. If applicable, click the Advanced Options button in the top right corner of the screen to add additional options. (Click the Basic Options button to return to the previous screen).
  4. The Select file type scan options - Advanced Options screen appears. Select the options as you desire. Use the tooltips next to each option or see the descriptions in the topic Scan Options.

  5. Click the Next button in the lower right corner to proceed, the Previous button to return to the previous screen, or the Exit Without Saving button to discard.

Scan Email and Compressed Files Page

Next, the page "Scan email and compressed files?" opens. This step does not apply to all Target types.

  1. Select the options you desire. Use the embedded tooltips next to each option or use the descriptions in the topic Scan Options.
  2. Click the Next button in the bottom right corner to proceed, Previous button to return to the previous screen, or Exit Without Saving button to discard.

Select Exchange/Outlook options

Next, the page "Select Exchange/Outlook options" opens. This step does not apply to all Target types.

  1. Select the options you desire. Use the embedded tooltips next to each option or use the descriptions in the topic Scan Options.
  2. Click the Next button in the bottom right corner to proceed, Previous button to return to the previous screen, or Exit Without Saving button to discard.

Select Advanced Options

The "Select advanced options" screen appears. This step applies to all Target types.

  1. The Select advanced options screen appears. Select the options you desire from the Advanced Options. Use the embedded tooltips next to each option or use the descriptions in the topic Scan Options.

    Example - Global Ignore Lists available when creating a new Sensitive Data Scan
  2. Scan Only Changed Files - This option controls the Differential Scanning feature. For more information, see What is Differential Scanning and What is it for?
  3. Global Ignore Lists - This option controls Global Ignore Lists.
    1. Note that any user who is creating or editing a Sensitive Data scan (using the "Create New Scan" wizard, for example) can view and select any of the available Global Ignore Lists shown on the "Select advanced options" page.
    2. To select a Global Ignore List for your scan to use (to ignore specific sensitive data matches or data match types), expand the Global Ignore List section and check the checkbox next to the appropriate Global Ignore List.
      1. Search for the Global Ignore List or scroll down to find it, if necessary
    4. Global Ignore Lists are available to be added to any scan. They do not apply to all scans, by default.
    5. For more information see How to Use Global Ignore Lists.
  5. Click the Next button in the bottom right corner to proceed, Previous button to return to the previous screen, or Exit Without Saving button to discard.

Select the Scan Schedule

The "Select scan schedule" screen appears. This step applies to all Target types.

  1. The next screen is Select the scan schedule.
  2. See Select Date and Time for how to set the date, time, and / or recurrence for a scan.
  3. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.

Select who should receive notification of scan completion

The "Select who should receive notification of scan completion" screen appears. This step applies to all Target types.

  1. On the Who should receive notification of scan completion screen, select how to send email notifications.
    • I'll Manually Check My Scans Results
    • Send An Email Notification
  3. Select a user from the drop-down list and / or type an email address in the entry field and click Enter.
  4. To add additional email addresses, click the plus (+) icon and type the email addresses in the entry field.
  5. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.

Select the Search Location Type (Files & Folders only)

The "Select the search location type" page appears only for Files & Folders Target types.

  1. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.
  2. On the Select the search location type screen, select a location type:
    • Full Computer Scan - Scan all folders and files on the Target machine(s)
    • Logged in User's Directory - Scan only the configured directory of the currently logged in user.
    • Cloud Storage Folders - Spirion can search the following cloud folders (Dropbox, Amazon Cloud Drive, Microsoft OneDrive, Google Drive, Box Sync). Remote cloud search is also possible and can be configured using the console. To search cloud storage data, you must give permission to Spirion by authenticating each provider you would like to search.
    • All Removable Drives - Spirion can also scan USB drives on connection for auto discovery, classification, and remediation actions.
    • Custom Folder List - Scan only the selected folders and files on the Target machine(s)
  4. Select one:
    • Create a new Full Computer
    • Logged in User's Directory
    • All Removable Drivers Scan

  6. For this example, select Full Computer Scan.
Custom Folder List

Procedure:

  1. On the Select which custom folders to add screen, enter the folders to include or exclude.
    • Include: Type the folder(s) to include, one per line.
    • Exclude: Type the folder(s) to exclude, one per line.
      Note: You must include or exclude at least one folder.
    • Import Custom Folders: Upload a .csv file of custom folder types.

  3. Click Import Custom Folders. Navigate to the .csv folder to import from your computer.

  4. In the Import CSV window, select:
    • Include
    • Exclude
    • By Flag (includes & excludes)

  6. Click Import to import the file or Cancel to discard.

Remote Target

Remote Targets are used for some sources, but not all.

Procedure:

  1. After selecting the Files & Folders tile, select the Remote Target target type.
  2. The next screen is the Select the agent(s) to perform the scan screen. Select from the All On-Prem Agents list.

  3. Click Finish & Save to add the new Scan, Previous to return to the previous screen, or Exit Without Saving to discard.

Custom Folder List

Procedure:

  1. Select the Custom Folder List location type. The Select which customer folders to add screen opens.

  2. To include folders, type the name(s) of the folders, one title per line, in the Include field.
  3. To exclude folders, type the name(s) of the folders, one title per line, in the Exclude field.
    You must include or exclude at least one folder.
  4. To import a custom folder list .csv file, click Import Customer Folders button in the upper, right of the screen. The Import CSV window opens.

  5. Select:
    • Include
    • Exclude
    • By Flag (includes & excludes)

The Select a csv file to import* entry field is required. Once your cursor is in this field, a folder on your computer opens.

  1. Enter or locate the folder to use. Click Open. Click the Import button to import the folder or Cancel to discard.
  2. You can also click the Advanced Options button on this screen.
    1. When selected the Add Custom Folders - Advanced Options screen opens.
    2. The button now says Basic Options.
    3. To return to the previous screen, click this button again.
    4. To continue, select Next.

Exchange/Exchange Online E-mail Service Provider (Email Targets only)

This page appear sfor Email Targets only.

Procedure:

  1. On the Scan servers by account list? screen, upload or enter the accounts you want to include in your scan.

  2. You can select actions for the Mailbox Accounts:
    • Scan Attachments
    • Scan All Mailboxes
    • Include Dumpster
    • Include Online Archive
  4. If you select no Mailbox Accounts for a target then all Mailbox Accounts are scanned.
    • For Scan All Mailboxes to be checked, requires that no targets have mailboxes assigned.
    • For Scan All Mailboxes to be unchecked, requires that all targets have mailboxes assigned.
  6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.

Gmail E-mail Service Provider

When you select the email provider Gmail, the Select the agent(s) to perform the scan screen opens.

  1. On the Select accounts to scan screen, check the box next to Select Scan Attachments.

To add user accounts:

  1. Type the user account name in the entry field and click Enter.
  2. Search for the user account name.

  3. To upload multiple accounts, click Upload Account List.

  4. Locate and select the .csv file with the accounts on your computer.

  5. The user accounts are displayed in the Target box.

  6. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.
  7. On the Select file type scan options screen, the Basic Options display.
  8. Additional are available on the Select advanced options screen.

SQL Advanced Options

This section applies to SQL database Targets only.

  • Include Primary Key Data
    • If a database includes a Primary Key column, it is possible to return the data in the cell of the Primary Key column for the row in which a result was found.
    • The data will be displayed in the Preview window along with the list of columns in which the result was found.
    • To include the Primary Key data, set this to "Include Primary Key data" (1).
  • Do not include Primary Key Data
    • This is the default setting for Primary Key Data.
  • Include Primary Key Data
    • If a database includes a Primary Key column, it is possible to return the data in the cell of the Primary Key column for the row in which a result was found.
    • The data is displayed in the Preview window along with the list of columns in which the result was found.
    • To include the Primary Key data, set this to "Include Primary Key data" (1).
  • Set Non-Matching cells limit
    • When searching structured data (files or databases searched via a connection string), the endpoint application will look within a column for data that matches the specified data type.
    • After a specified number of cells in that column are searched without finding any matches, the search will move on to the next column.
    • The counter is started at the first row and continues until the limit is hit or a match is found.
    • If a match is found, all subsequent rows in that column will be searched.
    • To disable this limit and search all cells, use a value of 0.

Exclude Column Types

  • Specify which column types are excluded when searching databases.
  • When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.
  • When created in the Windows Registry, they are of type REG_DWORD.
  • When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.
  • When entered into a security template (.inf) file, they should be entered in decimal.

Description

Value

Default Setting

Exclude Integer Types

0x00000001

Off

Exclude Double Types

0x00000002

Off

Exclude DateTime Types

0x00000004

Off

Exclude String Types

0x00000008

Off

Exclude Blob Types

0x00000010

Off

Exclude Cursor Types

0x00000020

Off

  • Log Level
    • When searching databases via the Database Search Module, it is desirable to see detailed logging information during configuration or troubleshooting.
    • The logging specified via this setting only applies when logging has been enabled and only specific log entries are displayed if their corresponding log type has been enabled
      • For example: Info, Error
    • The following log levels are available:
      Note: Data from the database is written in clear text to the client log file
      Note: Logging beyond the default level, especially the maximum level, creates very large log files and may contain sensitive information.
      • 0 (Default): Standard logging: Includes basic information such as the name of the table being searched and errors.
      • 1: Additional logging: Standard logging plus information about the status of the search for the current row.
      • 2: Comprehensive logging: Additional logging plus details about each table, column and row.
      • 3: Debug logging: Comprehensive logging plus the actual cell data for each cell searched.
      • 4: Full logging: Data from the database will be written in clear text to the client log file.
  • Row Count Start - Logging (Entry Field)
    • When the setting Settings\Locations\Databases\LogLevel is set to 1, it is possible to specify a row at which additional, detailed column information can be logged.
    • To enable this logging, specify the row number at which to start.
    • This setting should only be set after consulting with the Support Team.
  • Row Count Start (Entry Field)
    • The row number at which to start detailed column logging:
      • When the setting Settings\Locations\Databases\LogLevel is set to 1, it is possible to specify a row at which additional, detailed column information can be logged.
      • To enable this logging, specify the row number at which to start.
      • This setting should only be set after consulting with the Support Team.
  • Row Count Stop
    • By default, all rows in a target database is searched.
    • To specify the maximum number of rows to search in each table, set this to a value greater than 0.
    • Once that number of rows have been searched, the search of that table will be stopped and searching resumes with the next appropriate table.
  • Scan Column Names
    • By default, all columns in a specified database are searched.
    • To search only specific columns, enter those table names, one per line.
    • The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match.

To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

  • Require exact match
    • By default, the comparison of column names requires an exact match.
    • To allow a partial match, set ColumnMatchType.
  • Allow partial match
    • By default, all columns in a specified database are searched.
    • To search only specific columns, enter those table names, one per line.
    • The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match.

To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

  • Include/Exclude Columns (check to exclude)
    • By default, the column names listed in SearchColumnNames must match exactly to be included or excluded from the search.
    • To allow partial matching - for example allowing the value zip (when specified in SearchColumnNames) to match the column ZipCodes, set this to "Allow partial match" (1).
      • By default, the comparison of column names requires an exact match.
      • To allow a partial match, set ColumnMatchType.
  • Column Names to Include/Exclude (Entry Field)
    • By default, when SearchColumnNames is used to specify specific column names, only those columns are included in the search.
    • To search all columns except those specified in SearchColumnNames, set this to "Exclude list" (1).
  • By default, all columns in a specified database are searched.
    • To search only specific columns, enter those table names, one per line.
    • The column name list applies to all databases configured to be searched.
  • To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.
  • Scan Table Names
    • By default, all tables in a specified database are searched.
    • To search only specific tables, enter those table names, one per line.
    • The table name list applies to all databases configured to be searched.
  • By default, the comparison of table names requires an exact match. To allow a partial match, set TableMatchType.
  • Require exact match
    • By default, the comparison of table names requires an exact match.
    • To allow a partial match, set TableMatchType.
  • Allow partial match
    • By default, all columns in a specified database are searched.
    • To search only specific columns, enter those table names, one per line.
    • The column name list applies to all databases configured to be searched.

By default, the comparison of column names requires an exact match. To allow a partial match, set ColumnMatchType.

To use this list as a list of columns to exclude from the search, set SearchColumnNamesIsExcludeList.

  • Include/Exclude Tables (Check to exclude)
    • To use this list as a list of tables to exclude from the search, set SearchTableNamesIsExcludeList.
  • Table Names to Include/Exclude (Entry Field)
    • By default, all tables in a specified database are searched.
    • To search only specific tables, enter those table names, one per line.
    • The table name list applies to all databases configured to be searched.

By default, the comparison of table names requires an exact match. To allow a partial match, set TableMatchType.

To use this list as a list of tables to exclude from the search, set  SearchTableNamesIsExcludeList.

  • Scan Table Types
    • Specify whether tables or views is included when searching databases.
    • When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.
    • When created in the Windows Registry, they are of type REG_DWORD.
    • When entered into the Windows Registry or a configuration XML file, they need to be entered as hexadecimal values.
    • When entered into a security template (.inf) file, they need to be entered in decimal.

Description

Value

Default

Include Tables

0x00000001

On

Include Views

0x00000002

Off

  • Database Preview Length (Entry Field)
    • To provide context to matches when viewing results on the console, version 10.7 and later of the endpoints and console can send the specified number of characters from before and after the match itself.
    • By default, no characters preceding or following database matches will be sent to the console.
    • Maximum allowed number of characters is 1000.
      • A value of 0 disables sending preview information to the console.

Valid values:

  • 0: Disabled (no preview data will be sent to the console)
  • 1-1000: The specified number of characters from before and after the database match will be sent to the console
  • >1000: Invalid (the value will be set back to the default of 20)
  • Note: When Console\sendMatch is set to Disable (0), preview information will not be sent to the console.
  • Database Preview Match Max (Entry Field)
    • Specify the maximum number of unique keyword matches in a location to consider all of the keyword matches as part of the results for that location.
    • If the number of unique keyword matches exceeds the value of this setting, then the matches will not be included in the results for this location.
  • This setting is only read if there are keywords configured as part of the custom type search.
  • When using keyword custom type searches, this value can be used in conjunction with the CustomKeywords\minRequired setting to refine the results.
  • The default value of zero (0) specifies that there is no maximum and that all keyword matches should be included in the results.
  • To set a maximum, specify the number in this setting.

Example:

Five unique keywords are configured:

Keyword Names

Keyword

KeyName1

Key1

KeyName2

Key2

KeyName3

Key3

KeyName4

Key4

KeyName5

Key5

  • maxAllowed = 3
  • For a location, "Key1" and "Key2" are matched, those matches are included in the results for the location.
  • For a location, "Key1","Key2","Key3", and "Key4" are matched, none of those matches are included in the results for the location.
  • When the mongoDB database is selected to scan, the NoSQL Advanced Options display instead of the Select SQL Advanced Options screen.

NoSQL Advanced Options (MongoDB only)

Procedure:

  1. Enter the values in the table below:

Name

Description

Admin Databases

Select one:

  • Include Default Admin Databases
  • Exclude Default Admin Databases

File Attachment Min Size

Type the minimum attachment size required.

File Attachment Max Size

Type the maximum attachment allowed size.

Record Count Stop

Type the record number to stop the scan on.

Record Min Size

Type the minimum record size required.

Record Max Size

Type the maximum record size allowed.

Store Min Size

Type the minimum storage size required.

Store Max Size

Type the maximum storage size allowed.

Database Min Size

Type the minimum database size required.

Database Max Size

Type the maximum database size allowed.

Database Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All

Store Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All

Label Names

Select one:

  • Require exact match
  • Allow partial match

Select to exclude tables:

  • Include/Exclude Tables

Type column names text box:

  • Type column names (one per line)
  • Empty=Include All


Search Linked Web Page Content

The "Select website options" page appears only when configuring Website Targets.

  1. Enter values on the Basic Options page as described here.
  2. Click the Advanced Options button if applicable.
  3. On the Website Options - Advanced Options screen, enter values, if applicable as described here.

  4. Click Next to proceed, Previous to return to the previous screen, or Exit Without Saving
    to discard.

Summary

The "Summary" screen appears. This step applies to all Target types.

  1. On the Summary screen, select the chevron (>) to open and review your scan settings.
  2. Use the edit icon link to jump to a specific screen to edit a setting.
  3. Click the Finish & Save button to add the new scan, Previous button to return to the previous screen, or Exit Without Saving button to discard.


Was this article helpful?

Powered by Product Fruits