A profile is a named collection of content search and analysis specifications. Each profile is made up of search terms and regular expressions that can detect sensitive content in English, German, Spanish, Italian, French and Portuguese. SCM ships with 4 default profiles:
·General Data Protection Regulation (GDPR)
·Personally Identifiable Information (PII)
·Protected Health Information (PHI)
·Payment Card Information (PCI)
The file search and analysis criteria requirements for your organization may differ from the system profiles that are available. For example, you may want to create a custom profile to group a different subset of the predefined search terms, add custom search terms for sensitive data types, or analyze data that falls outside common definitions of PII, PHI or financial data. Custom profiles created with the SCM profile wizard can be made available to both SCM and ControlPoint users.
With the standard or custom profiles, SCM allows you to analyze the following file types -
·Compressed files (ZIP, 7z, TAR, RAR etc.)
·Comma Separated Values (CSV)
·Log Files
·Microsoft Excel
·Microsoft Excel 2007
·Microsoft Outlook Express Mail Message
·Microsoft Outlook Message
·Microsoft PowerPoint Presentation
·Microsoft PowerPoint Presentation 2007
·Microsoft PowerPoint Show
·Microsoft PowerPoint Show 2007
·Microsoft Word Document
·Microsoft Word Document 2007
·Open Document Text
·Portable Document Format (PDF)
·PowerShell
·Rich Text Format (RTF)
·Text Document
In this topic
Steps to customize a system profile
1.From the navigation panel, click CONFIGURATION and then click PROFILES. The Profiles page opens.
The columns in the list are as follows:
a.Profile - a named set of search terms
b.Type - indicates whether the profile is a system profile or a custom profile . System profiles cannot be edited but can be cloned to create custom profiles.
c.Search Term - indicates the number of search terms in the profile.
·To customize the number of items displayed on the page, click the Items per page drop down below the list and choose the number of items you wish to display. If there are more profiles than the list can display, you can use the navigation links below the list to browse through more profiles.
·Enter a keyword in the Filter field above the list to filter the set of profiles by the keyword entered.
·Click Refresh to retrieve and display a fresh set of profiles from the SCM repository.
2.Click a profile link to view the profile details. The Profile - Summary page opens.
3.Click Close to return to the Profiles page.
1.From the navigation panel on the left, click CONFIGURATION and then click PROFILES. The Profiles page opens.
2.Click Create to open the new profile wizard. The New Profile - Properties page opens.
Specify the property values as described below:
a.Profile Name - enter a unique profile name. The profile name cannot exceed 100 characters.
b.Profile Description - enter a description of the profile. The description text should not exceed 256 characters.
3.Click Next. The New Profile - Search Terms page opens.
4.From the Available Search Terms list, select one or more check boxes to choose the search terms for the profile. You can filter the list by entering a key word in the Filter field of the Available Search Terms list. If the key word exists in the name or the description of the search term, you will see the result set in the list. To include custom search terms in the list, see Search Terms.
5.Click to move the selected search terms to the Profile Search Terms list.
6.To remove a search term from the Profile Search Terms list, select one or more check boxes in the Profile Search Terms list. You can filter the list by entering a key word in the Filter field of the Profile Search Terms list. If the key word exists in the name or the description of the search term, you will see the result set in the list.
7.Click to move the selected search terms back to the Available Search Terms list.
8.When you complete the selection of search terms as displayed in the Profile Search Terms list, click Next. The New Profile - Summary page opens.
9.Verify the new profile properties and search terms, and then click Save & Exit. You can click Cancel to exit the wizard or click Previous to revise the profile.
Steps to edit an existing profile
1.From the navigation panel on the left, click CONFIGURATION and then click PROFILES. The Profiles page opens.
2.Select a custom profile that you want to edit. You cannot edit a system profile.
3.Click Edit to open the profile editor. The Edit Profile - Properties page opens.
4.Review and revise the properties as needed.
5.Click Next. The Edit Profile - Search Terms page opens.
6.From the Available Search Terms list, select one or more check boxes to choose the search terms for the profile. You can filter the list by entering a key word in the Filter field of the Available Search Terms list. If the key word exists in the name or the description of the search term, you will see the result set in the list.
7.Click to move the selected search terms to the Profile Search Terms list.
8.To remove a search term from the Profile Search Terms list, select one or more check boxes in the Profile Search Terms list. You can filter the list by entering a key word in the Filter field of the Profile Search Terms list. If the key word exists in the name or the description of the search term, you will see the result set in the list.
9.Click to move the selected search terms back to the Available Search Terms list.
10.When you complete the revision of search terms as displayed in the Profile Search Terms list, click Next. The Edit Profile - Summary page opens.
11.Verify the revised profile properties and search terms, and then click Save & Exit. You can click Cancel to exit the wizard or click Previous to revise the profile.
CAUTION: If a profile is modified while files are being scanned with the same profile, the scan will continue. All remaining files that are scanned will use the revised profile. |
Steps to delete an existing profile
1.From the navigation panel on the left, click CONFIGURATION and then click PROFILES. The Profiles page opens.
2.Select a custom profile that you want to delete. You cannot delete a system profile.
3.Click Delete and then click Yes in the confirmation dialog to confirm the deletion.
CAUTION: If a profile is modified while files are being scanned with the same profile, the scan will continue. All remaining files that are scanned after the profile is deleted, will produce a failed result and include no term matches. |
Steps to customize a system profile
1.From the navigation panel on the left, click CONFIGURATION and then click PROFILES. The Profiles page opens.
2.Select a system profile.
3.Click Clone to open the new profile wizard. The Clone Profile - Properties page opens.
Change the property values as described below:
a.Profile Name - enter a unique profile name. The profile name cannot exceed 100 characters.
b.Profile Description - change the description of the profile. The description text should not exceed 256 characters.
4.Click Next. The Clone Profile - Search Terms page opens in edit mode with the same search terms as in the original profile.
5.From the Available Search Terms list, select one or more check boxes to choose additional search terms for the custom profile. You can filter the list by entering a key word in the Filter field of the Available Search Terms list. if the key word exists in the name or the description of the search term, you will see the result set in the list.
6.Click to move the selected search terms to the Profile Search Terms list.
7.To remove a search term from the Profile Search Terms list, select one or more check boxes in the Profile Search Terms list. You can filter the list by entering a key word in the Filter field of the Profile Search Terms list. If the key word exists in the name or the description of the search term, you will see the result set in the list.
8.Click to move the selected search terms back to the Available Search Terms list.
9.When you complete the selection of search terms as displayed in the Profile Search Terms list, click Next. The Clone Profile - Summary page opens.
10.Verify the new profile properties and search terms, and then click Save & Exit. Click Previous to revise the profile. Click Cancel and then click Yes in the confirmation dialog to exit the wizard.
A search term is a named entity for a regular expression that is used in a profile to scan files for matching patterns.
In this topic
Steps to create a new search term
1.From the navigation panel on the left, click CONFIGURATION and then click SEARCH TERMS. The Search Terms page opens.
The columns in the list are as follows:
a.Search Term - name of the search term
b.Type - indicates whether the search term is a standard search term or a custom search term . Standard search terms cannot be edited.
c.Description - explanation of the search term.
d.Used in Profiles - integer value that indicates the number of profiles that use the search term.
·The list can be customized to display more or less items on the page. Click the Items per page drop down below the list and choose the number of items you wish to display. If there are more search terms than the list can display, you can use the navigation links below the list to browse through more search terms.
·Enter a keyword in the Filter field above the list to filter the set of search terms by the keyword entered.
·Click Refresh to retrieve and display a fresh set of search terms from the SCM repository.
2.Click a search term to view its details.
Steps to create a new search term
1.From the navigation panel on the left, click CONFIGURATION and then click SEARCH TERMS. The Search Terms page opens.
2.Click Create to open the Custom Search Term window.
Specify the property values as described below:
a.Name - enter a unique search term name. The profile name cannot exceed 100 characters.
b.Description - enter a description of the search term. The description text should not exceed 256 characters.
c.Expression - enter a regular expression to match a text pattern in a file.
d.Sample Text - enter any text that contains the pattern you want to match.
3.Click Test. If a pattern match occurs in the Sample Text field, the matching pattern will be highlighted.
NOTE: If the test expression includes inline modifiers like (?i) for case insensitivity, you may get false negative results. For these expressions please consider testing them at http://regexstorm.net/tester |
4.Click Save to save the new search term. Verify that it is listed in the Search Terms list. You can click Cancel to exit the window.
Steps to edit an existing search term
1.From the navigation panel on the left, click CONFIGURATION and then click SEARCH TERMS. The Search Terms list page opens.
2.Select a custom search term that you want to edit. You cannot edit a standard search term.
3.Click Edit to open the Custom Search Term window.
4.Review and revise the properties as needed.
5.If you revise the regular expression it is recommended that you enter some appropriate text in the Sample Text field and click Test to verify the regular expression.
6.Click Save to save the new search term. You can click Cancel to exit the window.
CAUTION: If a search term is modified while files are being scanned with a profile that contains the same search term, the scan will continue and all remaining files that are scanned will use the revised search term. |
Steps to delete an existing search term
1.From the navigation panel on the left, click CONFIGURATION and then click SEARCH TERMS. The Search Terms list page opens.
2.Select a custom search term that you want to delete. You cannot delete a standard search term.
3.Click Delete and then click Yes in the confirmation dialog to confirm the deletion.
CAUTION: If a search term is deleted while files are being scanned with a profile that contains the same search term, the scan will continue but none of the remaining files will be checked for patterns that match the deleted search term. |
Log files that are generated by the application have different levels of severity. The Settings page lets you specify the logging level of system messages.
Steps to set the logging level
1.From the navigation panel on the left, click CONFIGURATION and then click SETTINGS. The Settings page opens.
2.From the Logging Level drop down, select one of the following log levels listed below by descending severity:
·Verbose - Logs that contain the most detailed messages. These messages may contain sensitive application data. These messages are deactivated by default and should never be activated in a production environment.
·Debug - Logs that are used for interactive investigation during development. These logs should primarily contain information useful for debugging and have no long-term value.
·Information - Logs that track the general flow of the application. These logs should have long-term value.
·Warning - Logs that highlight an abnormal or unexpected event in the application flow, but do not otherwise cause the application processes to stop.
·Error - Logs that highlight when the application processes stop due to a failure. These should indicate a failure in the current activity, not an application-wide failure.
·Fatal - Logs that describe an unrecoverable application or system crash, or a catastrophic failure that requires immediate attention.
NOTE: The level you choose will also include all levels below it. For example, if you choose Verbose, all the other log levels will also be tracked. If you choose Warning, then the only the log levels Warning, Error and Fatal will be tracked. |
Support Tools are provided with the installation media.
To access the support tools:
1.Download the installation ZIP file and extract all the files on the machine on which you are planning to install the SCM components.
2.Open the Support Tools folder.
About the Support Tools
A summary of each tool is provided below. Each folder contains a ReadMe.txt file that provides detailed information about the tool.
Archive-Logs
A PowerShell script to create a copy of all the log files for SCM into a single .zip file.
Forensics
PowerShell scripts to visualize the timeline of verbose SCM log entries for better troubleshooting.
Mx Connectivity Tests
PowerShell script and aspx page to troubleshoot the connectivity to SQL server.
PemTool
Tool to generate the .pem files needed for RabbitMQ
Phoenix
Command-line program that helps you to process RabbitMQ dead-letter messages. Helps you to capture content to SQL, resubmit, or move messages to a new Queue.
Rabbit Migration
PowerShell script to migrate the RabbitMQ base folder from one location to another. You would typically move it from the %APPDATA% folder to a shared location like the %PROGRAMDATA% folder.
Rabbit Snapshot
PowerShell script to import and export a RabbitMQ configuration from one machine to another.
SCM diagnostics
Collects information about the environment and logs for troubleshooting like Event logs, IIS logs, list of installed programs, RabbitMQ configuration, SCM Logs and application .json files.
SCM Report Conversion
PowerShell script to convert the exported scan report to an Essentials format for integration. In SCM 2.1.1 and later versions, report conversion is possible directly from the Administration Center.
SCM Scans
PowerShell scripts to submit a file share scan and download the resulting CSV report. The script requires a Profile Id. To get the Profile Id of a standard or custom profile:
1.From the navigation panel in the Administration Center, click CONFIGURATION and then click PROFILES. The Profiles page opens.
2.Click a profile link. The Profile - Summary page opens.
3.Get the Profile Id from the URL. For example, for the Personally Identifiable Information (PII) profile, the Profile Id is 1 (https://<domain:port>/#/profile/view/1)
ScpTool
An executable to test access to the Service Connection Point (SCP) data in Active Directory.
© ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center