Versions Compared

Version Old Version 27 New Version 28
Changes made by

serdar ak

serdar ak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

GEODI may discover FileServers if there is a share. Then, GDE is not required.

note
Noteinfo

GDE crawls the EndPoint or FileServer and sends selected files to a GEODI Server. This way, you can discover and search local files w/o sharing any folder. GDE continuously crawls every 3 hours to find changed files.

Info

With the GEODI Classifier, it is possible to classify the local files remotely.

Info

After discovery, it is possible to remediate the local files remotely.

Installation and Configuration

tip
Warninginfo

A configuration file on the GEODI server determines which local folders and file types to include. This configuration may be customized by client IP, ClientUser, or ClientMachine name. So, you may target a different area for each FileServer or client.

Info

The Agents can be manually installed on FileServers or EndPoints. But if you have many EndPoints, using a tool like ManageEngine or SCCM for deployment is suggested.

GDE agent software updates are auto. It may be set to update from a local source.

GEODI Server has a monitor panel to watch EndPoints. GEODI Agent Management Panel

Gliffy
imageAttachmentIdatt4336386146
macroIdc02c52c0-32db-418a-8a1e-64c4cfe9a700
baseUrlhttps://decesw.atlassian.net/wiki
nameGDE-EN
diagramAttachmentIdatt4336648300
containerId3972202552
timestamp1702733720298

Table of Contents

Installation Checklist

Subject

Description

Create a new project or choose an existing project to index files.

A separate project is OK for discovery purposes, but

it is better to add

adding PCs to an existing project is better if you have Enterprise Search.

This project URL must be accessible from the EndPoints.

The recognizer, GDE(discovery IT), must be on the project

. Find GDE recognizer from IT group

.

Create a token

Follow the procedure on this page to get the Token.

As a best practice, we suggest you create a separate user for the Token. And

tokenusers password

token users' passwords should not be changed.

Follow the procedures for different OSs

These pages will lead you to each OS.

Child pages (Children Display)

GDE Configuration Settings

The settings determine which local folders and file types to discover. There may be a single setting for all, or you may customize it by clients.

Client Monitoring

Activate GEODI Agent Management Panel

Troubleshooting

Expand
titleIndexing does not start

  1. Check Agent Management Panel; if the health of the endpoint looks okOK, then waiting a while will solve the problem. GEODI Server queues the incoming data. So, the time for the files on the endpoint may yet to come.

  2. Check if endPoint has access to the GEODI Server. GEODI must be accessible from a browser.

  3. Check if the port (default 1982) is available and not blocked. You may use GDE API calls to check that. Use a browser to make calls.

  4. Check the Firewall, Virus, or any similar tool; do not block the communication.

  5. Check if the client machine is up and running. GDE is installed and running (Geodi.Desktopexplorer.exe should be in the task list)

  6. Check if the token Token is active: <GEODI_URL>/apiAPI/token_parser.html

Expand
titleSettings are not effective,

  1. The Setting file may not be a valid JSON. Validate it with an online tool.

  2. Settings will generally be adjusted in an hour. If the IP of the endpoint has changed, this may take up to 3 hours.

Expand
titleSome files are not indexed

  1. The default settings block some large files, like videos. Files larger than 100 MB or compressed files larger than 500MB are blocked. You may change the settings. The settings will be effective in about an hour.

Expand
titleThe endPoint has been formatted

  1. Install the GDE as usual. The endpoint will be treated as new. The old data is preserved.

FAQ

Expand
titleHow can query files from a specific endpont?

It is no different than the other. Add layer:GDE <machinename> into query.

  1. layer:GDE <machinename> will query the files.

  2. layer:GDE <machinename> doc:*.pdf will list the PDF files.

  3. layer:GDE <machinename> doc:*.pdf contract will list the PDF files with the word contract.

Expand
titleHow to Classify remote files?

If you have the classification, then the GEODI legacy data classification tool also covers remote files.

Expand
titleIs it possible to remediate remote files?

Yes, GEODI remediation tools cover remote files as well. The only requirement is that the user should have delete/update permission on the remote machines. This way, GEODI deletes, makes, or encrypts remote files like the local ones.

Expand
titleWhat happens if the endpoint machine is closed?

Search is unaffected, but you can not open/view or remediate the files.

Expand
titleDoes GDE copy local files?

No, GDE does not copy the local files. But if you need to backup local files, check the “backup content” in the GEODI source dialog. You may activate or deactivate this setting at any time.

Expand
titleWho is going to see the files from endpoints?

  1. Sistem Admins see all files.

  2. Other users' permissions depend on Enable LDAP settings. If LDAP is enabled, then local permissions are used.

  3. It is possible to set each user to see their own PC files. Please ask the DECE team how to set that.

...

Setting Name

Type

Description

FolderList

string[]*

Used to specify the folders to be scanned. Folders can be identified by separating them with ","

The default directory is %UserProfile% (includes documents, downloads, desktops, etc.). A complete list can be found at https://docs.microsoft.com/tr-tr/dotnet/api/system.environment.specialfolder?view=netframework-4.0. Values are case-sensitive. Subdirectories can also be defined as %UserProfile%\\Desktop.

You can use ["*"] to scan all disks.

ExplorerPort

int

Default The default is 1982.

Optionally Alternatively, you may set the port value to 0. Discovery and search will be fine, but But in this case GEODI can not open the local files in this case.

EnableLDAP

bool

If a true value is given, LDAP authorizations of the files are also indexed.

Default value: false

IgnoreFolders

string[]

List of folders to ignore. * is accepted. Used in combination with the settings under Geodi Settings/IgnoreFolders.

Example: ["*:\\data","C:\User*"]

Default value: null

IgnoreFiles

string[]

List of folders to ignore. * is accepted and used with the settings under Geodi Settings/IgnoreFileTypes.

Default value:["*.MP4","*.MOV","*.MP3"]

Metadata

You can define metadata for parsing files from clients. These metadata are specified in the settings file. The values used in the default settings can be seen in the example file.

Searching with metadata is done with <metaname>:<value> Example IP:192.168.1.1

The defined metadata and values will be visible in the GEODI search interface.

...

  1. Log in with a user accessing the Source that GDEs will feed.

  2. Open the page: <GEODI_URL>>/apiAPI/GeodiTokenApi.html?loginWithGuest=1

  3. Select the Source's name using the AllowList.

  4. Now you are ready to create the Token.

  5. This page may be used to check if a token is valid: <GEODI_URL>/apiAPI/token_parser.html

...