Destination risk indicator activity reference
Overview
The Destination risk indicator activity graph on the Risk Exposure dashboard shows all of the file events that occurred across your organization by the event's destination risk indicator (where the file is moved or uploaded).
To see the Destination risk indicator activity graph, sign in to the Code42 console.
For more information about the Risk Exposure dashboard, see:
For permissions, licensing, and visibility considerations for the Risk Exposure dashboard, see Risk Exposure dashboard reference.
Considerations
To see cloud service activity, you must allow Code42 access to your cloud services.
Destination risk indicator activity
Destination risk indicators are dynamic
The list of destination risk indicators shown is dynamic. Only risk indicators with untrusted file activity are shown.
For example, if there is no Box file activity in the selected timeframe, or if you have not given Code42 access to your Box environment for monitoring, the Box corporate data connector is not listed.
| Item | Description | |
|---|---|---|
| a | Selected time frame |
Shows the time frame the file activity occurred in. Change the time frame in the upper-right corner of the page. |
| b | Filter |
Click to filter the graph and events in the table by:
|
| c | Filtered by | Shows the filters currently applied to the data shown in the graph as well as the data available in the destination indicators. Click the "x" on a filter to remove it. |
| d | Showing |
Lists the destination risk indicator you are viewing. |
| e |
Select destination risk indicator |
Select a destination risk indicator to see where the file was sent and its associated risk. Destination risk indicators apply risk scores to file events based on where a file is moved or uploaded. See the list of destination risk indicators for more details on what types of destinations you may have in your Code42 environment. |
| f | Events | Number of file events associated with the destination for the selected time frame. |
| g | Size | Total size of files involved with the file activity. |
| h | Activity preview | Shows a visual representation of file activity for the selected time frame. |
| i | View event details  |
Click to view more information about the file events. |
Filter
| Item | Description | |
|---|---|---|
| a | Event severity | Select one or more file severities to view in the graph. No risk indicated events are file events that have a risk score of zero. For more details about calculating risk severity, see Risk settings reference. |
| b | Risk indicator |
Click to select one or more risk indicators to view in the graph. For more details about what risk indicators are and how they're applied, see Risk settings reference |
| c | Apply | Click Apply to filter the information in the graph by your criteria or click Cancel. |
View details
| Item | Description | |
|---|---|---|
| a | Risk indicator |
Shows the selected risk indicator. For more details about what risk indicators are and how they're applied, see Risk settings reference. |
| b | Untrusted events | Shows the number of events that are NOT trusted in your Code42 environment. Trust is evaluated based on your trust settings. You can view all events, trusted or not, in Forensic Search. |
| c | Investigate in Forensic Search  |
Click to view all of the untrusted events in Forensic Search. |
| d | View details  |
Click to view more details about the events. |
| e | Number of events by severity | Shows the number of file events by the selected severities. For more information about how severity is determined, see Risk settings reference. |
| f | Top users by events |
Shows the users with the most file activity for the selected risk indicators and filters. Email address only
If you see a user with just an email address and no Code42 username, the email address hasn't been designated as a cloud alias or the user doesn't have the Code42 agent on their device. |
| g | Watchlist | Shows what watchlists, if any, the user is on. For more information about watchlists, see Watchlists reference. |
| h | File events with associated severity | Shows the number of file events and the total file size for the selected file severities. |