Forensic Entity Data

Contributors netapp-alavoie Download PDF of this topic

toc: macro :hardbreaks: :toclevels: 1 :nofooter: :icons: font :linkattrs: :imagesdir: ./media/

Use the Entities page to identify entities that have been accessed and determine if any of the entities are related to alerts raised by Cloud Secure.

Examining Entity Access Data

Click Forensic > Entities to access the Entities page. The page describes the following activity details:

  • Entity name with a link to the Forensic Entities Detail page

  • Type of entity it is:

    • File, directory, or object

  • The path to the entity

  • The size of the entity

  • The device name

  • Community count

  • last accessed

  • Last accessed by

  • Any alerts raised against the entity:

    • Represents a critical alert

    • Represents a warning alert

    • Represents an alert that has been corrected.

  • The number of communities the entity is a member of

  • When the entity was last accessed

Filtering Forensic Entity Data

You can filter the entity data by the following

  • Alerts - the severity of the alert

  • Community Relationship With Entity - the number of communities related to the entity

  • Entity Path

  • Last Entity Accessed can be filtered by a numerical value.

All fields can be set to ascending or descending order.

Click Search for and select an entity to access the Forensic Entity Detail.

Click the clock icon to select the range of time for data you want to view. You can also use Custom to specify a custom data range.