
In projects where classification is active, classification activity is logged. Classification logs can be written to a database, to CSV files, or in CEF format, and can be analyzed with any SIEM tool. For logs stored in the database, you can also use the GEODI analysis panel.

CSV or CEF Logs

  • CSV and CEF logs are written under \AppData\Dece\Geodi\Workspaces<ProjectName>\Logs\DLPClassifier. Optionally, they can also be saved in the database.

  • For other logs, you can check the GEODI Logs page.

| Field | Description |
|---|---|
| File | UNC path of the classified content. Example: C:\Users\<user>\Desktop\Yeni Microsoft Word Belgesi (2).docx |
| PreviousClass | Current class (value = "?" for content without a class) |
| Class | Given class |
| Source | Method of classification (Shell/Add-In) |
| ClientIP | Client IP |
| ClientUser | Client user name |
| Process Memory(Kb) | Memory used on the system at the time the log was written |
| Process Max Memory(Kb) | Peak memory usage on the system |
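As an added example (not GEODI's own code), the Python below reads a CSV classification log with the fields listed above and flags entries where content was moved to a lower class, a common review item in DLP log analysis. The header row, the comma delimiter, the class names and their order in RANK are assumptions; adjust them to your project's export and class rules.

```python
import csv
import io
from collections import Counter

# Assumed sensitivity order, lowest to highest; "?" is the page's marker for
# content without a class. Replace with the class names of your own project.
RANK = {"?": 0, "Public": 1, "Internal": 2, "Confidential": 3}

# Constructed sample; a header row with the documented field names and a
# comma delimiter are assumptions about the CSV layout.
SAMPLE_CSV = r"""File,PreviousClass,Class,Source,ClientIP,ClientUser
C:\Users\alice\Desktop\plan.docx,?,Internal,Add-In,10.0.0.5,alice
C:\Users\bob\Desktop\budget.xlsx,Confidential,Public,Shell,10.0.0.7,bob
C:\Users\bob\Desktop\notes.docx,Internal,Confidential,Add-In,10.0.0.7,bob
C:\Users\bob\Desktop\hr.docx,Confidential,Internal,Shell,10.0.0.7,bob
C:\Users\carol\Desktop\memo.docx,Internal,Restricted,Shell,10.0.0.9,carol
"""


def classify_change(previous, current):
    """Return 'initial', 'upgrade', 'downgrade', 'unchanged' or 'unknown'."""
    if previous not in RANK or current not in RANK:
        return "unknown"  # class missing from RANK: review instead of guessing
    if previous == "?" and current != "?":
        return "initial"
    if RANK[current] < RANK[previous]:
        return "downgrade"
    if RANK[current] > RANK[previous]:
        return "upgrade"
    return "unchanged"


def analyze(csv_text):
    """Return (downgrade rows, rows with unmapped classes, downgrades per user)."""
    downgrades, unknown = [], []
    for row in csv.DictReader(io.StringIO(csv_text)):
        kind = classify_change(row["PreviousClass"].strip(), row["Class"].strip())
        if kind == "downgrade":
            downgrades.append(row)
        elif kind == "unknown":
            unknown.append(row)
    per_user = Counter(r["ClientUser"] for r in downgrades)
    return downgrades, unknown, per_user


if __name__ == "__main__":
    downgrades, unknown, per_user = analyze(SAMPLE_CSV)
    for r in downgrades:
        print(f'{r["ClientUser"]}@{r["ClientIP"]}: {r["PreviousClass"]} -> {r["Class"]} {r["File"]}')
```

Rows whose class is not in RANK are returned separately so that a renamed or newly added class surfaces for review instead of being silently ignored.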

Writing Classification Logs to Database

  • You can also write the logs to the database, which makes it possible to analyze them with PowerBI or similar tools. Connection settings can only be configured on the GEODI server.

When the Classification Logs are written to the Database, you can access the following information in addition to the above.

| Field | Description |
|---|---|
| Object ID | Unique ID |
| Log Time | Time of the transaction |
| Log User | User who performed the classification |
| Log App | GEODI |
| Log App Ver | GEODI version |
| Log Module | DLPClassifier |
| Log Security Level | https or http |
| Log Level | medium |

You can analyze the logs written to the database in GEODI and examine the classes assigned over time.

For this analysis, first install the "Classification Log Analysis" module in GEODI. Then select the draft project on the new project creation screen and connect to the database; the classification logs can then be examined visually on the panel in the project.

The dictionary used in the panel is based on the default class rules. If the default class rules are changed, the dictionary must be changed as well.

Sample Classifier Log Panel
