Search the ManageEngine site:  
 

Help Center

Quick Start

File Auditing

File Analysis

Data Risk Assessment

Endpoint DLP

Cloud Protection

General settings

Policy Configuration

Release notes

Troubleshooting

Guides

Third-party software Contact us

Scheduling scans

Note:

Customers who installed DataSecurity Plus prior to build 6050 can only manually schedule data discovery scans. Find the steps to manually schedule a data discovery scan here.

All DataSecurity Plus builds from 6050 onwards will automatically schedule scans and let users track the scan progress.

Running data discovery scans in product installations of build 6050 and above

Once a data source is configured successfully in the Risk Analysis module, DataSecurity Plus will automatically schedule data discovery scans. The Risk Analysis module performs two types of scans:

  • Full scans: These data discovery scans are automatically scheduled when data sources are first configured in DataSecurity Plus. The full scan will run only once unless manually initiated again. In such cases, users have the option of rescanning data sources or individual shares by following the steps in the Rescanning devices and shares section on this help page.
  • Incremental scans: These scans look for sensitive data in newly created and modified files. Incremental scans run once a week and cannot be initiated manually.

Note: For builds prior to 6130, incremental scans for the configured devices run once in the first week of every month.

The time it takes to complete a data discovery scan depends on the resources allocated for the data discovery scan and the volume of data to be scanned.

Tip:
  • Data discovery by itself is a CPU-intensive task. Add the most critical business hours to timing exclusions to minimize the effects on productivity. Refer to the Exclude configuration help page for steps.
  • The heap size is the ongoing process memory space that is allocated for all DataSecurity Plus functions. A heap memory of 1-2GB is sufficient for all DataSecurity Plus modules except Risk Analysis. For Risk Analysis, allocate 4GB because data discovery is a memory-intensive process.

Viewing the scan execution history and status

You can check the status of the data discovery scan for any configured device by following these steps:

  • Select Risk Analysis from the modules drop-down.
  • Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
  • In the Execution History column, click View History for the data source you want to analyze the scan history for. The complete scan history for that data source, including the scan start time, end time, and current status, will be displayed.

Rescanning devices and shares

If you want to update your Risk Analysis records before scheduled scans, you can manually initiate a full scan of a device or a specific share on a device.

Rescanning a device

To rescan a configured device, follow these steps:

  • Log in to the DataSecurity Plus web console.
  • Select Risk Analysis from the modules drop-down.
  • Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
  • On the Configured Devices or Configured SQL Servers page, you'll find a list of devices. Click the Rescan Device icon in the Actions column next to your target device to start scanning and click OK.

Rescanning a file share

Granularly, you can also manually rescan individual shares. To do so, follow these steps:

  • Log in to the DataSecurity Plus web console.
  • Select Risk Analysis from the modules drop-down.
  • Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
  • On the Configured Devices or Configured SQL Servers page, click the Edit Configuration icon in the Actions column next to the target device. This will list the configured shares on that device.
  • Select the shares you want to rescan and click the Rescan Share icon in the leftmost column.
  • Click OK.

Stopping data discovery scans

To stop a data discovery scan running on a specific device, follow these steps:

  • Select Risk Analysis from the modules drop-down.
  • Go to Configuration > Data Sources and select On-prem Devices or SQL Servers depending on the target device's type.
  • In the Last Schedule Status column, click Under Process [More info] for the data source you want to view the scan history for.
  • Click Stop Scanning in the Schedule Status window.

The Schedule Status window also provides information on the total number of entities processed, the number of rule-matched files, the total data size processed, and more.

Note: Once stopped, data discovery scans cannot be resumed. Users can choose to initiate a new data discovery scan by following the steps in the Rescanning devices and shares section on this help page.

Scheduling data discovery scans in product installations prior to build 6050

Follow the steps below to schedule data discovery scans:

  • Select Risk Analysis from the modules drop-down.
  • Go to Configuration > General Settings > Schedule.
  • Click + Add Schedule in the top-right corner.
  • Name the schedule and include an appropriate description.
  • Select the policies you want to scan.
  • Select the shares you want to scan.
  • Check the Enable incremental file scan box.

    • Best practice: Always check the Enable incremental file scan box unless it is a one-time scan. This reduces the running time by scanning only new and modified files.

  • Select the Schedule Duration.
  • Select the Starting Date.
  • Specify the Exclusion Timing.

    • Tip: Data discovery by itself is a CPU-intensive task. Add the most critical business hours to timing exclusions to minimize disruptions to productivity.

  • Click Add.
  • Click Save.

Topics in this page:

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     

  • Request additional resources

    Send us your requirements.

     

© 2024 Zoho Corporation Pvt. Ltd. All rights reserved.