Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
How to Use Agents SettingsHow to Use Data Retention SettingsHow to Use Notifications SettingsHow to Use Remediation SettingsHow to Use Scan SettingsHow to Use Updates SettingsHow to Use Global Ignore ListsData Asset Inventory SettingsPassword PolicySpirion Sensitive Data Platform Console Site Whitelist
Global Classifications
Global Data Types
SearchAPI
Script Repository
Additional Resources
Reports
Reporting API
Customer Support Articles

How to Use Scan Settings

This topic describes the various options under the Scan section of the Scans Settings page in Spirion Sensitive Data Platform.

Overview

Scans Settings is where you manage your settings for:

  • Scan Item Number and Load
  • Target Preferences
  • Remediation Settings
  • Policy and Application Updates
  • Notifications and Custom Notifications
  • Data Retention
    Note: Changes to Scans Settings take effect the moment data is entered into any field.
    If you wish to retain a copy of the original settings when making updates if you need to revert back to the previous settings.

How to Access Scan Settings

To access the Scan Settings screen, use the following steps:

  1. From the left menu, click Settings.

  2. Click Application Settings.

  3. To view sections in Scans Settings:
    1. Click a down arrow to expand a section.

    2. Click an up arrow to collapse a section.

How to Configure Scan Settings

To configure Scan Settings use the following steps:

  1. From the left-side navigation menu click Settings > Application Settings > Scan Settings.
  2. Click the down arrow to expand the Scan section.

  3. Fill in the following settings - note that only some of these settings apply to Greyhound Agents (v13.0 and later):
    • Minimum Load When Using Distributed Scanning (MB): When using Discovery Teams to scan a target, this is the minimum amount of data, in megabytes, that is assigned to each Discovery team member.
      • Amount of data from all targets is calculated and split into data sets, with no data set being less than the value of the minimum load unless the size of a data set is less than the value in the minimum load - it cannot be grouped with any other data sets, in which case a team member is assigned a data set smaller than the minimum load.
      • This setting is used only when load balancing is enabled.
      • These limits apply only to Sensitive Data Manager (SDM) Agents (versions 12.6.1 and earlier), NOT Greyhound Agents (versions 13.0+)
      • Valid values: 0-999,998
      • Value of 0 disables this setting
      • Default: 2
    • Minimum Number of Items When Using Distributed Scanning: When using the minimum number of items while using distributed searching, this is the minimum amount of items that can be assigned.
      • These limits apply only to Sensitive Data Manager (SDM) Agents (versions 12.6.1 and earlier), NOT Greyhound Agents (versions 13.0+)
      • Valid values: 0-999,999
      • Default: 20,000
    • Maximum Load When Using Distributed Scanning (MB): When using Discovery Teams to scan a target, this is the maximum amount of data, (in megabytes), that a team member scans.
      • The amount of data from all targets is calculated and split into data sets, with no data set exceeding the value of the maximum load - unless a single folder exceeds the value of the maximum load in which case that folder is not divided and is searched by a single team member.
      • These limits apply only to Sensitive Data Manager (SDM) Agents (versions 12.6.1 and earlier), NOT Greyhound Agents (versions 13.0+)
      • Valid values: 1-999,999
      • Default: 5
    • Maximum Number of Items When Using Distributed Scanning: When using the maximum number of items while using distributed searching, this is the maximum number of items that can be assigned.
      • These limits apply only to Sensitive Data Manager (SDM) Agents (versions 12.6.1 and earlier), NOT Greyhound Agents (versions 13.0+)
      • Valid values: 0-999,999,999
      • Default value: 100,000
    • Results Streaming Chunk Size: The size of the data chunks the agent sends to RabbitMQ as it is scanning, up to the max value set.
      • Default: 300000 (bytes)
      • Applies only to Greyhound Agents (versions 13.0+)
    • Delayed policy confirm: When this setting is disabled (not checked), which is the default setting, policies are processed, made available to the agent, and then applied by the agent.
      • The agent then reports the policy state to the Console and the agent can then request additional policies.
      • Policy confirmation is a resource intensive process and may lock agents or other service tasks, causing a negative performance impact.
      • If that happens, this setting should be enabled and the confirmation is executed by the Update Policy States service task at a later time instead of when an agent reports it.
      • Enabling this setting lowers the pressure on resources, but it does not prevent agents from checking for new policies.
      • If this setting is enabled, policies are still processed, made available to the endpoint and then applied by the endpoint.
      • However, there is no confirmation that the policy has been applied by the endpoint.
      • The Policies State on the Status tab shows as 'Pending Confirm'.
      • The Update Policy State service job needs to be executed to update this state.
      • When Delayed Policy Confirm is enabled, the Pending Confirm state is set for an agent after the agent confirms it policies.
      • The state clears after the service job has executed.
      • The setting should be enabled if the Console is experiencing problems with deadlocks or timeouts.
    • Apply multiple rows locations actions during import: If an action (shred, redact, quarantine, Restrict Access, ignore), has been applied to a location on the agent, when the action is reported to the Console during import the Console searches for all previously imported search results of this location and applies the same action to those search results.

      Note: If a distributed scan does not complete when run against a very large data set, set the thresholds to a minimum of 5 MB and a maximum of 10 MB and re-run the scan.

      Contact your Customer Success Manager if you have any questions.
      • In normal operations Spirion recommends this setting remain enabled (default).
      • If you find imports are taking an excessively long time to complete or there are timeouts occurring in the Server Service log, including ApplyMultiRowLocationActions in the text of the exception details, then you may disable the setting "Apply multiple rows location actions during import" on the Scans Settings page.
      • Disabling this setting accelerates results being imported into the Console database by applying the action only to the currently imported results and not to any previously imported results.
      • Default: Enabled.


Was this article helpful?

Powered by Product Fruits