Help Center

Third-party software Contact us

Data discovery alerts

Default alert profiles

Generate instant email notifications when content that matches the alert conditions is found within your data repository. The alert conditions that can be configured include File Name, Location, File Type, File Owner, and Policy Matched. The notifications will be triggered every time a file containing content that matches the alert condition is found, in real time.

The triggered alert will include details on the file name, location, risk score, matched policies, number of occurrences within the file, etc.

Find and edit the default alerts offered by DataSecurity Plus using these steps:

  • Select Risk Analysis from the application drop-down.
  • Go to Configuration > Data Discovery Settings > Alert Profile.
  • The Alert Profile Configuration window will list all built-in alert rules offered by DataSecurity Plus.
  • Click the edit icon next to the alert profile you want to modify.
  • Update details such as data source, severity, description, conditions for the alert, etc., based on your requirement.
  • Click Save.

Creating new alert profiles

Custom alert profiles inform stakeholders whenever a file containing high-value content is found. It can be used to:

  • Meet data subjects' access requests.
  • Find all locations where businesses' proprietary information is stored.
  • Locate specific employee or customer information.

To create new alert profiles, follow these steps:

  • Select Risk Analysis from the application drop-down.
  • Go to Configuration > Data Discovery Settings > Alert Profile.
  • Click the +Create Alert button at the top-right corner.
  • Name the alert profile and include an appropriate description.
  • Select the data source for which you want to configure the alert.
  • Choose alert Severity.
  • Under Criteria, choose the conditions that are necessary to find the high-value content.
  • Select Response, check Enable email notification.
  • Type in the email recipient details along with the email subject and message.
  • Check Limit number of mails and type in the desired values if you want to be notified only a limited number of times and not every time a file with content that matches the alert condition is found.
  • Click Save.

You can find a report with all the details about the alerts triggered under Risk Analysis > Reports.

How to write and use custom scripts in DataSecurity Plus

Apart from email notifications, you can also configure automated response actions to trigger alerts. You can choose a response from the predefined scripts available or write your own. To configure scripted responses, follow these steps:

Step 1 - Add the script file path

Enter the path of the script file you want to execute in the designated text box. Check the examples below for reference.

Example 1: "[installation_directory]\bin\alertScripts\Shutdown.exe"

Example 2: For .ps1 script files, prefix the script file path with powershell.exe -file.
powershell.exe -file "[installation_directory]\bin\alertScripts\disableNetwork.ps1"

Example 3: wscript "[installation_directory]\bin\alertScripts\moveLocation.vbs"

Note: All alert scripts must be located within the [installation_directory]\bin\alertScripts folder.

Step 2- Choose arguments from the drop-down

Choose additional event parameters to be passed as command line arguments. If you want to pass multiple arguments, select the arguments in the order in which you want to pass them.

For example, to limit access to sensitive files, configure the alert settings using the below details.

Policy = Equals = PCI DSS

Script file path: "C:\ProgramFiles\ScriptFiles\LimitAccess.bat"

Arguments: File Name

Topics in this page:

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     
  • Request additional resources

    Send us your requirements.