The ControlPoint Sentinel Report lets you view anomalous activity events for which an Alert has been specified on the Sentinel Setup - Anomalous Activity Rules page. You can also filter results by user and/or date range.
To report anomalous activity:
1From the Manage ControlPoint tree choose ControlPoint Sentinel > Sentinel Report.
2If you want to narrow your results, enter one or more user(s) in the People Picker and/or enter a date range.
NOTE: If you leave the From and To Dates blank, all available results will be returned.
The tiles at the top of the report highlight the following statistics:
·The Total Number of Anomalous Activities Detected
·The number of High Risk Events as characterized by ControlPoint Sentinel
·The Number of Users with anomalous activity
·The Security Risk Score (which is derived by the Severity of each activity within the date range covered by the report)
For each anomalous event detected, report detail displays:
·the Event Time (that is, the date and the time when the ControlPoint Anomalous Activity Detection Job captured the event)
·the User whose activity triggered the anomalous activity detection alert
·the Event Severity (as defined on the Sentinel Setup - Anomalous Activity Limits page)
·the Triggering Activity Level that resulted in the anomalous activity detection alert:
§for Default daily activity, activity above the specified limit for the Event Severity
§for Personal daily activity, the amount of activity for the Event Severity to which the specified deviations above from the user's "typical" usage pattern have been applied.
·the Expected Activity Level:
§for Default daily activity, the specified limit for the Event Severity
§for Personal daily activity, "typical" usage pattern as calculated by ControlPoint Sentinel
·the Delta Activity Level (that is, the difference between Triggering Activity Level and the Expected Activity Level).
To view detailed audit log data for a user:
Click the User link to generate a ControlPoint Audit Log analysis.
The following tables identify ControlPoint default menu items at all levels of the SharePoint Hierarchy as well as the Manage ControlPoint panel.
The following terms are used to describe menu item behavior in a Multi-farm installation:
·Home Only - The operation can be performed on the home farm only.
·Home or Remote - The operation can be performed on a single farm; either home or remote
·Multiple - The operation can be performed on multiple farms.
·Farm-Independent - The operation is not farm-specific.
Tenant-Level Item |
Type |
Multi-Farm | |
---|---|---|---|
Central Administration (Tenant Admin Site) |
SharePoint |
Home only | |
Advanced Search |
Search |
Home or Remote | |
SharePoint Summary |
Analysis |
Home only | |
Farm Dashboard |
Action |
Home only | |
GDPR Dashboard |
Action |
Home only | |
Refresh SharePoint Hierarchy |
Action |
Home or Remote | |
Run Saved Instructions |
Action |
Home only | |
Farm Summary Dashboard |
Action |
Home only | |
GDPR Dashboard |
Action |
Home only | |
Activity folder: | |||
Site Collection Activity |
Analysis |
Multiple | |
Audit and Alerts folder: | |||
Create SharePoint Alerts |
Action |
Home only | |
Automation folder: | |||
Set Metadata Value |
Action |
Home Only | |
Create Managed Metadata |
Action |
Home only | |
Compliance folder: Available to members of the Compliance Administrators group | |||
Analyze Content |
Action |
Home only | |
Compliance Summary |
Analysis |
Home only | |
Compliance Actions Audit |
Analysis |
||
Sensitive Content Activity |
Analysis |
Home only | |
Scanned files by Scope |
Analysis |
Home only | |
Scanned files by Search terms |
Analysis |
Home only | |
Configuration folder: | |||
SharePoint Hierarchy |
Analysis |
Multiple | |
Content folder: | |||
Managed Metadata Usage |
Analysis |
Multiple | |
Trend Analysis for Site Count |
Analysis |
Home only | |
Storage folder: | |||
Site Collection Storage Analysis |
Analysis |
Multiple | |
Trend Analysis for Storage |
Analysis |
Home only | |
Storage by File Type |
Analysis |
Home only | |
Users and Security folder: | |||
Set User Direct Permissions |
Action |
Multiple | |
Delete User Permissions |
Action |
Multiple | |
Duplicate User Permissions |
Action |
Multiple | |
Add User to SharePoint Group |
Action |
Home or Remote | |
Delete SharePoint Groups |
Action |
Home only | |
Backup Permissions |
Action |
Home only | |
Manage Permissions Backups |
Action |
Home only | |
Manage Permissions Inheritance |
Action |
Multiple | |
Migrate Users |
Action |
Home or Remote | |
Orphaned Domain Users |
Analysis |
Multiple | |
Site Permission |
Analysis |
Multiple | |
Comprehensive Permissions |
Analysis |
Multiple | |
Comprehensive User Analysis |
Analysis |
Home only | |
SharePoint Group Analysis |
Analysis |
Multiple |
Site Collection-Level Menu Item |
Type |
Multi Farm |
---|---|---|
Settings |
SharePoint |
Home or Remote |
Advanced Search |
Search |
Home or Remote |
Add to Selection |
Action |
(Depends on operation) |
Properties |
Action |
Home or Remote |
Activity folder: | ||
Site Collection Activity |
Analysis |
Multiple |
Audit and Alerts folder: | ||
Manage Audit Settings |
Action |
Multiple |
ControlPoint Alerts |
Action |
Home Only |
Create SharePoint Alerts |
Action |
Home Only |
Manage SharePoint Alerts |
Action |
Home Only |
Audit Log Analysis |
Analysis |
Home Only |
Change Log Analysis |
Analysis |
Home Only |
SharePoint Alerts by Site |
Analysis |
Home Only |
SharePoint Alerts by User |
Analysis |
Home Only |
Automation folder: | ||
Set Metadata Value |
Action |
Home Only |
Create Managed Metadata |
Action |
Home Only |
Change Management folder: | ||
Content Types |
Analysis |
Multiple |
Web Parts by Part |
Analysis |
Multiple |
Web Parts by Site |
Analysis |
Multiple |
Workflow Analysis |
Analysis |
Multiple |
Compliance folder: Available to members of the Compliance Administrators group | ||
Analyze Content |
Action |
Home Only |
Manage Scanned Files |
Action |
Home Only |
Compliance Summary |
Analysis |
Home Only |
Compliance Actions Audit |
Analysis |
Home Only |
Sensitive Content Activity |
Analysis |
Home Only |
Scanned files by Scope |
Analysis |
Home Only |
Scanned files by Search terms |
Analysis |
Home Only |
Configuration folder: | ||
Set Site Collection Properties |
Action |
Home Only |
Set Site Properties |
Action |
Multiple |
Set List Properties |
Action |
Multiple |
Navigation Settings |
SharePoint |
Home or Remote |
Search Settings. |
SharePoint |
Home or Remote |
Search Scopes |
SharePoint |
Home or Remote |
Site Collection Administrators |
SharePoint |
Home or Remote |
SharePoint Hierarchy |
Analysis |
Home Only |
Site Collection Properties |
Analysis |
Home Only |
Site Properties |
Analysis |
Multiple |
List Properties |
Analysis |
Multiple |
Content folder: | ||
Create New Site |
SharePoint |
Home or Remote |
Delete Site Collection |
SharePoint |
Home or Remote |
Content and Structure |
SharePoint |
Home or Remote |
Managed Metadata Usage |
Analysis |
Multiple |
Trend Analysis for Site Count |
Analysis |
Home Only |
Storage folder | ||
Site Collection Storage Analysis |
Analysis |
Multiple |
Trend Analysis for Storage |
Analysis |
Home Only |
Storage by File Type |
Analysis |
Home Only |
Users and Security Folder | ||
Set User Direct Permissions |
Action |
Multiple |
Delete User Permissions |
Action |
Multiple |
Duplicate User Permissions |
Action |
Multiple |
Set SharePoint Group Permissions |
Action |
Home or Remote |
Delete SharePoint Group Permissions |
Action |
Home or Remote |
Add User to SharePoint Group |
Action |
Home Only |
Delete SharePoint Groups |
Action |
Home Only |
Backup Permissions |
Action |
Home Only |
Manage Permissions Backups |
Action |
Home Only |
Manage Permissions Inheritance |
Action |
Multiple |
Orphaned Domain Users |
Analysis |
Multiple |
Site Permissions |
Analysis |
Multiple |
Comprehensive Permissions |
Analysis |
Multiple |
SharePoint Group Analysis |
Analysis |
Multiple |
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center