Overview
Use the Data Connections page in the Code42 console to add and manage third-party services that are connected to Code42.
Considerations
Data Connections
To add and manage data connections, go to Administration > Integrations > Data Connections.
Item | Description | |
---|---|---|
a | Add data connection |
Adds and configures a new data connection. |
b | Service |
The vendor of the data connection:
|
c | Service type |
Displays the data connection type, either Business tools, Cloud storage, or Email. |
d | Display name |
Displays the name you use to distinguish between connections. For example, if your organization has two different Google Workspace accounts for US and UK employees, you could name each account's Google Drives to help identify them as such. This name must be unique. |
e | Status |
Displays the status of the connection between Code42 and the data connection. For details, see Data connection statuses. |
f |
View details |
Click to view more information about that connection. |
Data connection details
For any connection listed in the Data Connections table, click View details to view more information.
Item | Description | |
---|---|---|
a | Display name |
The name given to the data connection when it was set up. |
b | Service |
The business tool (Salesforce), cloud storage provider (Box, Google Drive, or Microsoft OneDrive for Business) or email service provider (Google Gmail or Microsoft Office 365). |
c | Service type |
The data connection type: Business tools, Cloud storage, or Email. |
d | Scoped to |
The scope used to identify what to monitor for the connection:
Click Export users as CSV to download a list of in-scope users. |
e | Status |
The status of the connection between Code42 and the external environment. This status refreshes automatically. For details, see Data connection statuses. |
f | Status history |
A brief history of the data connection, including the date the connection was initially added along with the username of the Code42 administrator that configured the connection. The date and time does not update if you deauthorize and then resume monitoring the cloud storage or email service connection. |
g | Deauthorize / Resume monitoring |
Click to deauthorize the connection, or to resume monitoring a connection that has been deauthorized. Because Code42 removes its connection immediately after you deauthorize the Salesforce, Gmail, and Microsoft Office 365 services, the Resume monitoring button is unavailable for these data connections. Instead, set up the service again as a new connection to monitor Salesforce report exports or Gmail or Microsoft Office 365 emails. This action is not available for cloud storage or email service connections with a status of Searching for drives/email accounts, Maintenance, Deauthorizing, or Deleting. |
Data connection statuses
The Data Connections table's Status column displays the status of Code42's connection to the external service. For cloud storage connections, more specific drive information appears on the Data Connection details under Status.
Status | Description |
---|---|
Initializing |
Code42 has connected to the external environment and is discovering all of the drives and all of the email accounts for the users that are in scope for monitoring in your environment. For email services, this initialization process does not inventory user inboxes. Instead, Code42 discovers all email accounts for the users that are monitored in your environment and registers those accounts for monitoring. While the email accounts that have completed registration with Code42 begin reporting ongoing attachment activity immediately, the email service connection does not transition to the Monitoring status until all user email accounts in your environment are discovered and have completed registration.
Deauthorization is unavailable for services with this status
You cannot deauthorize a cloud storage or email service's connection when it is in this status. Wait for the status to move to either Monitoring or Monitoring, inventory in progress to deauthorize it. |
Monitoring |
Salesforce Code42 discovers any new users that have been added to your Salesforce environment (and determines whether they have the required permissions and should be monitored) within 8 hours. Cloud storage connections As soon as you authorize the Code42 connection to your cloud storage environment, Code42 immediately begins monitoring your cloud storage environment for ongoing file activity. At the same time, Code42 completes an inventory of all of the files for all discovered drives that are within scope to gather baseline data. File events become available in Code42 soon after they occur. If file activity occurs for file that has not yet been inventoried, that file is immediately inventoried and subsequent file activity is sent to Code42. This initial inventory process does not calculate hash values for files. Instead, hashes are calculated when subsequent activity for that file is detected. After the initial inventory completes, the Monitoring status indicates that Code42 is monitoring for ongoing file activity while also checking for new files. Any new files discovered during monitoring are hashed. By default Code42 checks the cloud storage environment every 5 minutes for new files and the latest file activity. The Data Connection details for a cloud storage connection lists the total number of unique users for which Code42 has discovered drives in your environment and is monitoring for ongoing activity. A second section lists similar values for shared or team drives in Google Drive. Code42's discovery of new drives added to your environment depend on the cloud storage provider:
All drives are inventoried immediately after discovery. Email service connections Code42 is connected to the email service and is monitoring outbound email activity for file attachments. The total number of user email accounts that are in scope for monitoring is listed. New email accounts are discovered at midnight and are registered for monitoring. |
Maintenance |
Code42 is currently performing maintenance on the data connection. The connection is still being monitored for file or email activity, but these events won't be displayed in Code42 until maintenance completes. After maintenance completes, Code42 displays all file events collected during that maintenance period. |
Error |
There was an error connecting to the external environment. This typically occurs when a majority of users, user drives, or email accounts are inaccessible to Code42 due to permissions or licensing issues within the environment. This can also occur immediately after a service is authorized if that service is already registered to Code42. To address common errors with most cloud storage services, deauthorize and resume monitoring that data connection. Contact our Technical Support Engineers with persistent errors. |
Deauthorizing |
Code42 is removing its authorization to monitor the external environment. For services with a large number of users, drives, or email accounts that are monitored by Code42, this process may take an hour or longer. When this process completes, the status moves to Deauthorized. |
Deauthorized |
Code42's connection to the external environment has been removed and no new event activity is being collected. For cloud service connections, the connection remains deauthorized and is listed in the table for 90 days following the date of deauthorization. All discovered drives and existing file events remain in Code42 for those 90 days and can be viewed in Forensic Search. Once the 90-day period expires, Code42 deletes this connection along with all information collected. To resume monitoring the connection after deletion, you need to re-authorize it. For Salesforce and the Gmail and Microsoft Office 365 email services, Code42 immediately removes the connection from the table (along with its configuration and authorization details) after deauthorization. File events collected from the service before it was deauthorized remain searchable in Forensic Search for up to 90 days. To resume monitoring a Salesforce environment or a Gmail or Microsoft Office 365 email service, add it again as a new connection. |
Deleting |
Code42 is removing its connection to the external environment and deleting any information about that connection, such as initialized drive information and collected file events. For services with a large number of users, drives, or email accounts that are monitored by Code42, this process may take an hour or longer. When this process completes, the connection is removed from the Data Connections table. |
Add data connection
To add a cloud storage or email service connection, click Add data connection.
Item | Description | |
---|---|---|
a | Data connection |
Selects the service to add: |
b | Display name |
The name you use to distinguish between services, for example, for different Google Drive accounts for US employees and UK employees. This name must be unique. |
Inventory monitored drives (not pictured) |
Performs a point-in-time analysis of the sharing state for the files in all in-scope drives.
|