The Destination activity over time graph on the Risk Exposure dashboard shows all of the file events that occurred across your organization by where the file went (its destination).
To see the Destination activity over time graph, sign in to the Code42 console.
For more information about the Risk Exposure dashboard, see:
For permissions, licensing, and visibility considerations for the Risk Exposure dashboard, see Risk Exposure dashboard reference.
To see cloud service activity, you must allow Code42 access to your cloud services.
Destinations are dynamic
The list of destinations shown on each tab of this graph is dynamic. Only destinations with file activity are shown.
For example, if there is no Box file activity in the selected timeframe, or if you have not given Code42 access to your Box instance
for monitoring, the Box destination will not be listed.
Destination activity over time
||Displays the currently selected destination.
Where the file was sent. Destinations include:
- AirDrop: Files were sent to a device via AirDrop. The destination category for AirDrop events is listed as "Device" in the Exposure section of Forensic Search.
- Cloud destinations: The file exists in a folder on the user's device that is used for syncing with a cloud service. Cloud folder sync activity includes activity for:
- Apple iCloud
- Box Drive
- Google Backup and Sync
- Google Drive
- Microsoft OneDrive
- Cloud data connectors: The file was shared from your corporate cloud storage with either a direct share or with a public link. Cloud sharing activity includes shares from your corporate Box, Google Drive, and OneDrive and details how the file was shared (for example, public link from corporate Box). You must connect at least one cloud storage environment to Code42 to see cloud destination file activity.
- Email services: The file was uploaded from an endpoint to email provider via a web browser.
- Email data connectors: The file was sent from one of the following corporate email services:
Microsoft Office 365
- Messaging services: The file was sent via a messaging service.
- Removable media: The file was moved to an external device such as a USB drive or hard drive. Click View event details to see file activity broken out by removable media device vendor.
- Social media: The file was uploaded to social media. This does not necessarily mean it's posted publicly. For example, the file could have been sent in a direct message on LinkedIn.
- Source code repository: The file was uploaded to a location typically used for storing code files.
- Other: File activity where the destination does not match any of the above destinations, or in the following special cases:
- Files were opened in an app that is commonly used for uploading files such as FTP client or curl.
- We cannot determine the destination. On Macs, this may indicate Code42 does not have the required permissions to collect the destination details.
- Multiple possibilities appears if the user accessed more than one tab while uploads were in progress. Review the Active tab titles and URLs to identify all possible destinations.
The Other destination does not show the Events bar graph and is shown at the bottom of the list of destinations regardless of sort order.
||Number of file events associated with the destination for the selected timeframe.
||Events bar graph
||Shows the relative number of file events.
||Total size of files involved with the file activity.
||Shows file activity for the selected time frame.
||Opens Forensic Search and pre-populates it with the selected timeframe and exposure type. Learn more about using Forensic Search.
||View event details
||Click to view the file events broken down by file category group.