Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
Dashboard
Reports
Storage Configuration
Administrative settings
- Technician configuration
- Email configuration
- Notification filters
- Manage agent
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
General settings
Release notes
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
Data discovery alerts
Default alert profiles
Generate instant email notifications when content that matches the alert conditions is found within your data repository. The alert conditions that can be configured include File Name, Location, File Type, File Owner, and Policy Matched. The notifications will be triggered every time a file containing content that matches the alert condition is found, in real time.
The triggered alert will include details on the file name, location, risk score, matched policies, number of occurrences within the file, etc.
Find and edit the default alerts offered by DataSecurity Plus using these steps:
- Select Risk Analysis from the application drop-down.
- Go to Configuration > Data Discovery Settings > Alert Profile.
- The Alert Profile Configuration window will list all built-in alert rules offered by DataSecurity Plus.
- Click the edit icon next to the alert profile you want to modify.
- Update details such as data source, severity, description, conditions for the alert, etc., based on your requirement.
- Click Save.
Creating new alert profiles
Custom alert profiles inform stakeholders whenever a file containing high-value content is found. It can be used to:
- Meet data subjects' access requests.
- Find all locations where businesses' proprietary information is stored.
- Locate specific employee or customer information.
To create new alert profiles, follow these steps:
- Select Risk Analysis from the application drop-down.
- Go to Configuration > Data Discovery Settings > Alert Profile.
- Click the +Create Alert button at the top-right corner.
- Name the alert profile and include an appropriate description.
- Select the data source for which you want to configure the alert.
- Choose alert Severity.
- Under Criteria, choose the conditions that are necessary to find the high-value content.
- Select Response, check Enable email notification.
- Type in the email recipient details along with the email subject and message.
- Check Limit number of mails and type in the desired values if you want to be notified only a limited number of times and not every time a file with content that matches the alert condition is found.
- Click Save.
You can find a report with all the details about the alerts triggered under Risk Analysis > Reports.
How to write and use custom scripts in DataSecurity Plus
Apart from email notifications, you can also configure automated response actions to trigger alerts. You can choose a response from the predefined scripts available or write your own. To configure scripted responses, follow these steps:
Step 1 - Add the script file path
Enter the path of the script file you want to execute in the designated text box. Check the examples below for reference.
Example 1: "[installation_directory]\bin\alertScripts\Shutdown.exe"
Example 2: For .ps1 script files, prefix the script file path with powershell.exe -file.
powershell.exe -file "[installation_directory]\bin\alertScripts\disableNetwork.ps1"
Example 3: wscript "[installation_directory]\bin\alertScripts\moveLocation.vbs"
Note: All alert scripts must be located within the [installation_directory]\bin\alertScripts folder.
Step 2- Choose arguments from the drop-down
Choose additional event parameters to be passed as command line arguments. If you want to pass multiple arguments, select the arguments in the order in which you want to pass them.
For example, to limit access to sensitive files, configure the alert settings using the below details.
Policy = Equals = PCI DSS
Script file path: "C:\ProgramFiles\ScriptFiles\LimitAccess.bat"
Arguments: File Name