File Activity Monitoring Policies

A File Activity Monitoring policy is a set of configuration options for file tracking that is applied to monitored endpoints simultaneously.

For high granularity control on what is monitored, you can define the following for each policy:

  • Entry Point Filters: Files entering (downloaded to) an endpoint you want to monitor. You define URL and/or file extension filters.

  • Exit Point Filters: Files exiting (uploaded from) an endpoint you want to monitor. You define URLs and/or file extension filters.

File Monitoring policies are listed in the File Monitoring Policies list. By default, a File Activity Monitoring policy is defined to monitor all files entering and exiting endpoints. You can copy and edit this policy and create new policies.

To view the list of available policies, select Configuration > Endpoint Management > Recording Policies and select the File Activity Monitoring Policies tab.

In the example below, Include All is the name of the default policy. You cannot delete the default policy.

Any modifications you make in a File Activity Monitoring policy can be viewed for auditing purposes in the Audit > Configuration Changes tab of the Web Console.

Setting up a File Activity Monitoring Policy