Incydr Labs is a testing ground for experimental features. Labs includes reporting options for visualizing file event data.
- You must have a role with permissions to search file event data in Forensic Search to use Labs.
- Incydr Labs is not available in the Code42 federal environment.
- Labs preferences such as time ranges and editable lists are stored in local browser storage. These preferences are:
- Retained if you restart your browser
- Not shared across users
Due to the experimental nature of Incydr Labs, features may change or disappear at any time. If you have feedback on Labs, contact your Customer Success Manager (CSM).
To access Incydr Labs:
- Sign in to the Code42 console.
- Click the Labs icon from the top navigation menu.
The available labs appear.
- Click View for one of the labs options.
Use Chart builder to create a custom chart for a variety of use cases. For example, you can visualize risk over time or track exfiltrated files by file classification data.
Select a time range for the chart data. Times are evaluated as Coordinated Universal Time (UTC).
|b||Show chart description||Click to show a description of Chart Builder and the available chart types.|
Select one of the available chart types:
|d||Primary field||Defines the primary search criteria. Options are listed as Code42 API field names.|
|e||Secondary field||Defines the secondary search criteria. Only available for column chart types. Options are listed as Code42 API field names.|
|f||Search||Performs a search based on the current search criteria.|
Downloads the current search results to a CSV file.
Use Risk combinations to view the most common combinations of risk indicators. Risk combinations can help you investigate high risk file type, destination, and user behavior.
|Item||Description||Click to view|
|a||Date selector||Select a time range for the chart data. Times are evaluated as Coordinated Universal Time (UTC).||--|
|b||Search risk indicator||Select an item from the menu or type the name of a risk indicator to filter by. To learn more about risk indicators, see the Risk settings reference.||--|
|c||Circle graph||Circle graph showing related risk indicators for the selected risk indicator.||
Hover over points on the graph to view the details of the related risk indicator.
Click points on the graph to view the file event details in Forensic Search.
|d||Column graph||Column graph showing frequency of related risk indicators by severity.||
Hover over sections of the graph to view the details of the related risk indicator.
Click sections of the graph to view the file event details in Forensic Search.
Unmatched cloud usernames
Use Unmatched cloud usernames to export a list of cloud storage usernames that are not associated with a Code42 user. Use this information to correctly match usernames in your corporate cloud storage with Code42 users.
|a||All connectors||Select the cloud storage data connection to show data for.|
|b||Date selector||Select a time range for the data. Times are evaluated as Coordinated Universal Time (UTC).|
Downloads the current search results to a CSV file. The CSV file is UTF-8 encoded.
|d||User email||The cloud alias for which a corresponding Code42 username could not be found.|
|e||Source||The corporate cloud storage environment where file events originated.|
|f||Events||The number of file events associated with the cloud alias user.|