Home
HomeDocumentation and Guides
Home

Retro Scans Overview

A Retroactive Monitor (RAM) is a special scan where the Cloudlock engine is directed to scan all files in an organization. Depending on the scope of the request, a RAM can be completed in a couple of days or several weeks. The completion also depends on the number of files being scanned throughout the process and the complexity of the active policies.

Initiation

Retro Scans can be requested from different sources but can only be initiated by a member of Cloudlock support (CSR) or Cloudlock Engineering. RAM requests can be made for Google Drive, Office 365, Dropbox, and Box.

Policy Based

By default, a Retro Scan evaluates all policies that belong to the organization, however, the scan can be initiated for a specific set of policies as well.

Monitor

Navigate to Retro Scans to view the currently running scans and their statuses.

1564

Note: You can view details of the scans executed in the last 1 year. Currently, only Google is supported as the platform.

Notification

When you log into Cloudlock and if there are any Retro Scans in progress, a notification for the same is displayed on the top right corner of the Incidents page. The notification has a clickable unique Retro Scan ID. On clicking the Retro Scan ID, you are redirected to the details page of that retroactive scan.

Monitor Parameters

Under Details, click View scan details to view the following information:

Status: Status of the Retro Scan changes from Running to Completed once finished. If the scan is cancelled at any point in time, the status is set to Cancelled.
Invoked with Policy: The list of policies for which the Retro Scan is initiated.
Vendor: The vendor for which the retroactive scan is initiated.
Vendor Type: The vendor type for which the Retro scan is initiated.
Initiated-on: The date and time when the Retro Scan is initiated.
Completed-on: The date and time when the Retro Scan is completed.
Total files scanned: The total number of files scanned during the Retro Scan.
Total users scanned: The total number of users scanned during the Retro Scan.
Document Limit: The maximum limit for which the Retro Scan should run. This is configurable at the time of the Retro Scan initiation.

Incidents

The Retro Scan generates incidents only for the Active policies, and it is highly recommended that any incidents in New or In Progress status is to be set to Resolved before initiating the scan.

Filter by Scan type

Navigate to the Incidents page to filter incidents based on the Scan Type. Select Retro Scans in the Scan Type drop-down to filter the search results.

1982

Filter by Initiated On

Once the required filter for Retro Scan incidents is applied, a filter type called Initiated-On is added allowing you to further filter down the incidents to a specific Retro Scan.

1992

Updated about 1 year ago