Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

In projects where classification is active, the classification movements are recorded. Classification Logs can be written to databases or CSV files or in CEF format. Logs can be analyzed with any SIEM tool. You can also use the GEODI analysis panel for the database.

CSV or CEF Logs

  • \AppData\Dece\Geodi\Workspaces<ProjectName>\Logs\DLPClassifier. Optionally, it can also be saved in the Database.

  • For other logs, you can check the GEODI Logs page.

File

UNCPath of classified content

Örnek: C:\Users\<user>\Desktop\Yeni Microsoft Word Belgesi (2).docx

PreviousClass

Current Class (value = “?” for content without a class)

Class

Given Class

Source

Method of classification (Shell/Add-In)

ClientIP

Client IP

ClientUser

Client User Name

Process Memory(Kb)

The memory used on the system at the time the log was written.

Process Max Memory(Kb)

The peak of Memory usage in the system.

AutoClass

AutoClass kolonuna otomatik öneri olarak veya zorla kullanılmışsa otomatik ile belirlenen sınıfın ID değeri geliyor. Otomatik hiç kullanılmamışsa boş loglanacak.

ActionType

  • Auto: Otomatik seçilerek sınıf verildi

  • Manuel: Manuel sınıf seçildi.

  • Offline: manuel sınıf seçildi.

  • AUTOCLASS Body Email: Outlook desktop. %AUTOCLASS% metni ile zorla otomatik sınıflandı.

  • Auto Menu Click: Add-In üzerindeki otomatik tıklanarak sınıflandı

  • Class Menu Click: Add-In üzerinden bir sınıf seçilerek sınıflandı

  • Form UI: Form arayüzü açıldı. form üzerinden seçim yapıldı.

  • Forced AutoClass: Otomatik zorunlu idi. zorla otomatik sınıflama yapıldı

Writing Classification Logs to Database

  • You can also write the logs to the database if you want. In this way, it is possible to analyze with PowerBI or similar tools. You can only make connection settings from the GEODI server.

When the Classification Logs are written to the Database, you can access the following information in addition to the above.

Object ID

Unique ID

Log Time

time of transaction

Log User

user who doing the classification

Log App

GEODI

Log App Ver

GEODI Version

Log Module

DLPClassifier

Log Security Level

https veya http

Log Level

medium

GEODI Log Analysis Dashboard

GEODI can analyze a database via dashboards. There is a ready module to do this for Classifier Logs. Install the "Classification Log Analysis" module and create a new project using the template. The ready dashboard will give you insight into class distributions, trends, and more.

In order to use the Log Analysis Panel, "ACC.DLP":true must be added to the GenericSettings in Workspace settings, and after the "ACC.DLP" group is created, it can be used by the users in this group and the system admin.

Example Classification Panel

  • No labels