Skip to main content

Reporting Config

This tab helps to configure the policies and settings to designate the targets that DSI data will be directed to. To access this tab, go to Reporting > Config in PEM Administrator.


Data Security Intelligence

This panel lists down the DSI policies that are currently in use. You can edit or delete any DSI policies. 

  • Edit - Click this button to edit the details of a policy. Steps of editing a policy are same as adding a DSI policy. While editing the Site-wide Default policy, only Agent Options and Target Type can be configured.
  • Delete - Click this button to delete a policy. You cannot delete the Site-Wide Default policy. 

Adding a DSI Policy

Click Add button to add a DSI policy in the PEM Administrator. The Add Data Security Intelligence Policy screen appears.

Following is the description of the fields which appear while adding or editing a DSI policy. 

FieldsDescription
NameEnter the unique name of the DSI policy.
Target Type

This drop-down provides the list of all available targets for DSI events.

  • Internal (default)
  • Elastic Search
  • Splunk HTTP(S) with JSON
  • Syslog TCP RFC-3164
  • Syslog TCP RFC-3164 with JSON
  • Syslog TCP RFC-6587
  • Syslog TCP RFC-6587 with JSON
URLEnter the URL of the server chosen in Target Type drop-down. This field does not appear when Internal is opted as target type.
Index Enter the index name to be used for Elastic Search. This field is visible when Elastic Search is chosen as target type.
TokenEnter the token provided from Splunk server. This field is visible when Splunk is chosen as target type.
Scope

Select the Active Directory users or groups that are assigned to a particular DSI policy. You can use Advanced Definitions by clicking </> button 

Agent Options

The Agent Options checkboxes allow the administrator to specify which types of events are subject to the policy.

  • All Activity (forensic) – Select this option to generate DSI events for all activities on PEM Administrator.
  • Multi-file Archive Events – Select this option to generate DSI events for archives created and extracted that contain more than one file.
  • Unencrypted Archive Events – Select this option to generate DSI events for archives created and extracted, when archives are unencrypted.

Data Security Intelligence Global Settings 

This panel provides a set of global properties that are applied wherever the DSI policy is targeted. Click Edit button to edit the listed properties.

Following is the description of properties: 

SettingsDescription
EnabledSelect this option to enable DSI to be generated. 
SigningSelect this option to generate DSI events related to digital signing activities.
PK Endpoint ManagerSelect DSI policy that you want to apply to the PEM Administrator generated events.
Log Device Last Access TimesSelect this option to have DSI log the time when last access was made into the device in the events.
Log Admin Login AttemptsSelect this option to include Admin Login Attempts to the events that are DSI generates.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.