Skip to main content
Contact Support

Who is this article for?

Incydr
Code42 for Enterprise
CrashPlan for Enterprise
CrashPlan for Small Business

Incydr, no.

CrashPlan for Enterprise, no.

Code42 for Enterprise, yes.

CrashPlan for Small Business, no.

This article applies to on-premises authority servers.

Other available versions:

Cloud

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Endpoint Monitoring settings reference

  1. Last updated
  2. Save as PDF

Who is this article for?

Incydr
Code42 for Enterprise
CrashPlan for Enterprise
CrashPlan for Small Business

Incydr, no.

CrashPlan for Enterprise, no.

Code42 for Enterprise, yes.

CrashPlan for Small Business, no.

This article applies to on-premises authority servers.

Other available versions:

Cloud

Overview

This article contains a reference guide for settings used to enable endpoint monitoring for your entire Code42 environment. To access endpoint monitoring, navigate to Settings > Endpoint Monitoring.

Endpoint Monitoring

Endpoint Detection Settings

Item Description
a Removable media

Enables or disables scanning of file metadata on all removable media, such as USB drives or SD cards.
b

Cloud Sync Applications 

(version 8.2 and later)

 

Cloud service

(versions 6.0.x - 7.0.5)

Enables or disables detection of syncing files using these cloud storage apps:

  • Box
  • Box Drive (Mac only, version 6.8.4 and later)
  • Dropbox
  • Google Backup and Sync
  • iCloud
  • OneDrive
    • Version 7.0 and later: Code42 watches a personal OneDrive account and up to two OneDrive for Business accounts on each device.
    • Version 6.x: OneDrive for Business is not supported.
c

Browser and other Application Activity 

(version 8.2 and later) 

 

Application Activity

(version 7.0 and later)

 

Browser activity
(version 6.5 - 6.8)

 

File upload
(version 6.0.x)

Enables or disables detection of files accessed by web browsers and other applications (for example, uploading attachments to web-based email or downloading files via FTP).

This may also include other instances of apps accessing a file, such as opening a local file to view it in a web browser without actually uploading it.

Devices using Code42 app versions older than 7.0.0 only monitored activity in web browsers, and only on Windows devices. Version 7.0.0 expands upload and download detection to include Macs as well as other applications, such as Slack, FileZilla, FTP, and cURL.
d

File restore

(versions 7.x and earlier)

Enables or disables detection of file-restore activity, such as restores of files belonging to other users.
e

Pattern matching

(versions 7.x and earlier)

Enables or disables detection of dangerous, malicious, or sensitive file metadata and file contents based on specified patterns using the YARA rule framework. Pattern matching requires creating a YARA rule file and manually deploying it to each user device. Unlike the other types of endpoint monitoring, pattern matching only searches files included in the user's backup file selection.

Pattern matching can scan for MD5 hash and filename matches on any file, but does not extract file contents of binary or compressed files. Practically speaking, this means pattern matching only searches the contents of plain text files, unless you create a rule targeting a specific binary string.
Google Drive File Stream activity not detected by endpoint monitoring
Google's Drive File Stream retrieves files by mounting a temporary internal drive partition on the user's device and streaming files to the temporary drive. The Code42 app only monitors file movement to external drives, so it does not detect this activity.