Monitor User Activity
On the Aperture service, you can view user activity across all assets on Box, Microsoft Office 365 for OneDrive and SharePoint, Google Drive, and Salesforce, but it is more limited on Cisco Webex Teams. Because the Aperture service connects to each service using an API integration, it can retrieve the user activity logs and enable you to monitor and investigate the actions of your end users on your data and assets stored in these applications. You can track events, such as file and folder downloads and uploads as well as failed login attempts, or you can learn know how a user shared or collaborated on assets hosted in your SaaS applications.
- Select ExploreActivities to view a list of
activity logs from application such as Box, Microsoft Office 365
for OneDrive and SharePoint, Google Drive, Salesforce, or Cisco
Webex Teams.Salesforce requires the User Event Monitoring license to enable the retrieval of all event logs. Without this additional license, only log in and log out events are available to the Aperture service.Google Drive requires a Google Apps Unlimited or Google Apps for Education subscription to enable the retrieval of all event logs. Without this additional subscription, only login and logout events are available to the Aperture service.
- To filter the list and narrow the results to meet your
audit needs, search or use the following facets:
- Date—Time frame when the user activity occurred. For example: past day, past week, past month, or past year.
- Action—Activity the user initiated. For example, download, preview, sync, share, delete, or copy a file or folder.
- Cloud App—Lists the application on which the user activity occurred. For example, Box.
- Target Type—Lists the location, user, or asset where an activity or change occurred. It allows you to learn about who did what, for example which user initiated an action on a file, space, or folder, or added a user, created a space, performed work on a report, or used the API.
- Search—Find an item using part of the filename or find a user by the full email address. Because the user activity logs include information on the email address of the user who logged in, the source IP address and location of the user who performed the action, and the name of the item being modified or created, you can match on a phrase or email address.
- If Aperture is not monitoring user activity on Google
Drive, remove the API client access from Google, then authenticate
the Google app again to re-enable access.
- Open a web browser and log in to admin.google.com.
- Navigate to Manage API client access (located in SecurityAdvanced Settings).
- Scroll to find the list of Aperture clients.
- Click Remove.
- Click the icon to download the first 100k logs returned as a comma-separated values (CSV) file. You can then open the CSV file in a spreadsheet application to review the activity logs offline.
Supported SaaS Applications
The Aperture service provides a consistent security policy for your SaaS applications to detect data exfiltration and malware propagation. ...
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Cisco Webex Teams App The Aperture service scans messages and files shared on spaces within the Cisco Webex Teams app. To begin ...
Manage Aperture Administrators
Add Aperture administrators, manage authentication, create admin teams, and view activity on the Aperture service. ...
New Features Introduced in June 2018
New Features Introduced in June 2018 The following table provides a snapshot of new features introduced for Aperture™ in June 2018. Refer to the Aperture ...
New Features Introduced in November 2016
New Features Introduced in November 2016 The following topic provides a snapshot of new features introduced for Aperture™ in November 2016. Refer to the Aperture ...
Manage Aperture Policy
Manage Aperture Policy Policy in Aperture™ is simple and aims to create an awareness of user actions and minimize the risks associated with the use ...
Aperture service focuses on Content Security, User Activity Monitoring, Security Configuration Controls and Third-Party App Integrations. ...
New Features Introduced in August 2017
New Features Introduced in August 2017 The following table provides a snapshot of new features introduced for Aperture™ in August 2017. Refer to the Aperture ...
Begin Scanning Microsoft Office 365 Apps
Begin Scanning Microsoft Office 365 Apps To begin scanning Microsoft Office 365 apps: Add company.onmicrosoft.com as an internal domain. See Define Your Internal Domains Add ...