All activity view reference
Overview
The Risk Exposure dashboard shows all of the file events that occurred across your organization, organized by different subsets of file activity:
- Endpoint activity: Summarizes file activity that occurred on the devices of your employees
- Cloud sharing: Shows all files in your cloud services that had permission changes, making them available via a direct link or public on the web.
- Remote activity: Shows all remote file activity that occurred on an endpoint. Remote activity is determined to be any file activity that occurs outside of your trusted IP addresses.
To see the All activity view, sign in to the Code42 console.
For more information about the Risk Exposure dashboard, see:
For permissions, licensing, and visibility considerations for the Risk Exposure dashboard, see Risk Exposure dashboard reference.
All activity view
| Item | Description | |
|---|---|---|
| a | Endpoint activity | Shows all endpoint file activity across your organization. File events include files moved to removable media or cloud sync folders, or viewed in a browser or other app. |
| b | Cloud sharing | Shows file activity where permissions were increased on a file in your cloud services, making the file available via a direct link or publicly available on the web. This tab requires Code42 access to your cloud services. |
| c | Remote activity |
Shows all remote file activity that occurred on an endpoint. File events can include files moved to removable media or cloud sync folders, or viewed in a browser or other app.
When configured, remote activity is detected for endpoint events from out-of-network IP addresses. |
| d | Timeframe | Displays file activity for the last 90 days, 30 days, 7 days, or 1 day. |
| e | By destination - Cloud service | Displays when a file exists in a folder on the device that is used for syncing with one of these cloud services:
|
| f | By destination - Browser or app | Displays details about files opened in an app that is commonly used for uploading files, such as a web browser, Slack, FTP client, or curl. If you have configured trusted domains, file events that happen on trusted domains are removed from these counts. |
| g | By destination - Removable media | Displays when files have been moved to an external device such as a USB drive or hard drive. Click View event details to see file activity broken out by removable media device vendor and bus type. "Other" is shown when the vendor and bus type cannot be determined.
Removable media vendor preview
If vendor details do not appear in this view, you can still view them in Forensic Search. The removable media vendor is not available in this view for file events that occurred prior to August 12, 2020. For example, you may see vendor details when looking at the last 7 days of file events, but if you switch to 90 days and that view includes file events that occurred before August 12, 2020, those details will not be available in this view. Instead, click Investigate in Forensic Search to see those details. |
| h | By file category group | |
| i | Forensic Search  |
Opens Forensic Search and pre-populates it with the selected timeframe and exposure type. Learn more about using Forensic Search. |
| j | View event details  |
Click to view the file events broken down by destination or file category group. |