- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
- About File Analysis
Setting up File Analysis
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
- About Endpoint DLP
Setting up Endpoint DLP
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
- Technician configuration
- Email configuration
- Notification filters
- Manage agent
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
Configuring alerts in File Analysis
To configure alerts in the File Analysis module:
- Select File Analysis from the application drop-down menu at the top.
- Go to Configuration.
- On the left-hand menu, go to Settings → Alert Configuration.
- Click the + Create Alert button at the top-right corner.
- Provide a suitable name for the alert.
- Under Alert Source, choose File Metadata for file security events or choose Disk Usage for file storage events.
- Describe the new alert with required information.
- From the drop-down, classify the alert based on Severity.
- Under Criteria, provide details on when to trigger alerts with the Include configuration.
- To narrow down the reports and reduce false positives, you can choose to add details in the Exclude configuration tab.
- In the Response tab, you can enable email notifications, write custom scripts, or choose to move or delete files.
Note: The move response supports only the following UNC formats:
Example 1: To move a file to folder Myfolder within drive C in server S01, configure the destination path as \\S01\C$\Myfolder
Example 2: To move a file to folder Myfolder within Myshare in server S01, configure the destination path as \\S01\Myshare\Myfolder
Tip: Scripts are by far the most underrated response strategy. You can run scripts to shut down servers, stop user sessions, disable accounts, and much more. Do you want to request a custom response? Contact our support team.
- Once you have chosen one or multiple responses, click Save.
How to write and use custom scripts in DataSecurity Plus
To respond to a triggered alert, you can choose from the predefined scripts available or write your own. To configure a scripted response, follow these steps:
Step 1 - Add the script file path
Enter the path of the script file you want to execute in the designated text box. Check the examples below for reference.
Example 1: "[installation_directory]\bin\alertScripts\Shutdown.exe"
Example 2: For .ps1 script files, prefix the script file path with powershell.exe -file.
powershell.exe -file "[installation_directory]\bin\alertScripts\disableNetwork.ps1"
Example 3: wscript "[installation_directory]\bin\alertScripts\move.vbs"
Note: All alert scripts must be located within the [installation_directory]\bin\alertScripts folder.
Step 2 - Choose arguments from the drop-down
Choose additional event parameters to be passed as command line arguments. If you want to pass multiple arguments, select the arguments in the order in which you want to pass them.
For example, to change permissions given for stale files, configure the alert settings using the below details.
Last Access Time = Before = 2 Year(s)
Script file path: "C:\ProgramFiles\ScriptFiles\ChangePermissions.bat"