Skip to main content
Contact Support

Who is this article for?

Incydr Professional, Enterprise, Horizon, and Gov F2
Incydr Basic, Advanced, and Gov F1

Find your product plan in the Code42 console on the Account menu.

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

CrashPlan Cloud, no.

CrashPlan for Small Business, no.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Incydr Labs

  1. Last updated
  2. Save as PDF

Overview

Incydr Labs is a testing ground for experimental features. Labs includes reporting options for visualizing file event data.

Considerations  

  • You must have a role with permissions to search file event data in Forensic Search to use Labs. 
  • Incydr Labs is not available in the Code42 federal environment.
  • Labs preferences such as time ranges and editable lists are stored in local browser storage. These preferences are: 
    • Retained if you restart your browser
    • Not shared across users 
Share your feedback on Labs 
Due to the experimental nature of Incydr Labs, features may change or disappear at any time. If you have feedback on Labs, contact your Customer Success Manager (CSM).   

Access Labs 

To access Incydr Labs: 

  1. Sign in to the Code42 console
  2. Click the Labs icon Labs icon from the top navigation menu. 
    The available labs appear.
  3. Click View for one of the labs options. 
    Labs landing page

Chart builder

Use Chart builder to create a custom chart for a variety of use cases. For example, you can visualize risk over time or track exfiltrated files by file classification data. 

Chart builder by destination names and file category

Item Description
a Date selector

Select a time range for the chart data. Times are evaluated as Coordinated Universal Time (UTC).

 

Select Include trusted activity to include activity that occurred in a location on your list of trusted activity or was observed in a corporate cloud data service monitored by Incydr.
b Show chart description Click to show a description of Chart Builder and the available chart types. 
c Chart type

Select one of the available chart types: 

  • Column: A stacked column chart with the primary field as the X axis and event count as the Y axis. The data is broken down by the secondary field.  
  • Heatmap: Shows the frequency of events using color, with the primary field as the X axis and the secondary field as the Y axis. Each cell includes the event count.
  • Histogram: A frequency distribution chart that shows the unique count of primary field values over time. 
  • Pie: Shows the number of events for each primary field value in pie chart format. 
d Primary field Defines the primary search criteria. Options are listed as Code42 API field names
e Secondary field Defines the secondary search criteria. Only available for column chart types. Options are listed as Code42 API field names
f Search Performs a search based on the current search criteria. 
g Export

Downloads the current search results to a CSV file.

  • Only includes the fields applicable to your product plan.
  • The CSV file is UTF-8 encoded.
  • Some CSV column headers have different names than the corresponding field labels in Forensic Search. See Field name mapping and definitions for complete details.

Risk combinations 

Use Risk combinations to view the most common combinations of risk indicators. Risk combinations can help you investigate high risk file type, destination, and user behavior. 

Risk combinations with annotations

Item Description Click to view
a Date selector Select a time range for the chart data. Times are evaluated as Coordinated Universal Time (UTC).  --
b Search risk indicator Select an item from the menu or type the name of a risk indicator to filter by. To learn more about risk indicators, see the Risk settings reference --
c Circle graph Circle graph showing related risk indicators for the selected risk indicator. 

Hover over points on the graph to view the details of the related risk indicator. 

 

Click points on the graph to view the file event details in Forensic Search
d Column graph Column graph showing frequency of related risk indicators by severity.

Hover over sections of the graph to view the details of the related risk indicator. 

 

Click sections of the graph to view the file event details in Forensic Search.

Unmatched cloud usernames 

Use Unmatched cloud usernames to export a list of cloud storage usernames that are not associated with a Code42 user. Use this information to correctly match usernames in your corporate cloud storage with Code42 users. 

Unmatched cloud usernames

Item Description
a All connectors Select the cloud storage data connection to show data for.
b Date selector Select a time range for the data. Times are evaluated as Coordinated Universal Time (UTC).
c Export

Downloads the current search results to a CSV file. The CSV file is UTF-8 encoded. 
d User email The cloud alias for which a corresponding Code42 username could not be found. 
e Source The corporate cloud storage environment where file events originated.
f Events The number of file events associated with the cloud alias user.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Reference
    Available in CrashPlan Cloud
    No
    Available in other/on-premises product plans
    No
    Available in Incydr Basic and Advanced
    Yes
    Available in Incydr Pro, Enterprise, and Horizon
    Yes
    Available in Instructor
    No
    Available in CrashPlan for Small Business
    No
    Stage
    Draft
  2. Tags
    1. chart builder
    2. Forensic search
    3. labs
    4. risk combinations