Use Faceted Search to Filter Assets
Learn how to use faceted search on Prisma SaaS to investigate and view details about incidents discovered when scanning your SaaS applications.
In addition to the highlights from the Dashboard, Prisma SaaS provides visibility into all assets in your managed SaaS applications. Search provides you with different views to help you find the incidents that are most important to you. You can view incidents by user to see if any of your users (or external collaborators) have a history of misuse or you can view all incidents for a specific file type. You can also use search to simplify the remediation process and to determine if you should Fine-Tune Policy. For example, you can find PII violations with external exposure, assign issues to an administrator, and send an email to the owners—all in one streamlined workflow.
- Selectto view any scanned assets.ExploreAssetsBy default, Prisma SaaS displays the Exposure, Type, Item Name, Owner, and Content columns but you can add additional columns such as Creator, Owner Email, Creator Email, Date Created, Date Updated, and File Type.
- Use the facets to narrow your search results.Dropbox folders do not have metadata for the creation or updated date, preventing search filters other than Any Date to return these folders. However, you can still search for individual files within a folder by a creation or last modified date.
- Select one or more of the following facets to create your search expression. With multiple filters, Prisma SaaS performs a logical AND search and rounds up the asset total in the search results.
If you want investigate incidents associated with a specific cloud application, select, and select the cloud app fromIncidentsAssetsCloud Appsto view a list incidents along with the policy rule violation.
- Date—The date range of the exposure. Choices include any date, past year, past month, and past week (default).
- Cloud App(instance name)—Assets associated with each instance of a cloud application.
- Policy Rules—Data pattern types available for scanning assets. Click to select the data patterns in which you are interested. For example, you can filter on assets that are sensitive documents with PII violations.
- Content—Lists the six predefined data pattern content categories, andUncategorizedfor violations that are not associated with a specific data pattern.
- Exposure Level—Details about shared assets and who can access and view the asset.
- Buckets—Lists the number of assets associated to a bucket.
- Shared With—Select users or collaborators with access to shared assets. To see a list of shared assets, you can filterTrusted Users(those with internal domains),Untrusted Users(those with external domains), andAnyone Except Trusted Users(anyone other than a trusted user).
- Top Owners—Users who own the highest number of assets.
- Top Creators—Users who created the highest number of assets.
- Shared with Domains—Lists the domains with the highest number of sharing listed in order.
- File Type—File formats of the assets that reside in the cloud applications.
- Download your current view into aCSVfile.When you download asset details to review offline, additional information such as external and internal collaborators, file size, and parent folder are included in the CSV file.
- ClickAdvancedto use RegEx to perform Advanced Searches.
What is an Incident?
Prisma SaaS identifies and sets the state and category for each incident discovered during the scanning of your assets. ...
Monitor Scan Results on the Dashboard
Review the scan results reported by Prisma SaaS on a single dashboard. ...
Secure Cloud Apps
Use Prisma SaaS to have visibility into and control over how your users are accessing and sharing data across SaaS applications. ...
Specify internal and external collaborators, and trusted and untrusted users to configure the incident settings on Prisma SaaS. ...
Close one incident at a time or use Bulk Incident to close multiple incidents at once on Prisma SaaS. ...
Configure Prisma SaaS Global Scan Settings
Define internal domains, add trusted users and domains, configure acceptable levels of asset exposure, and set the time zone and language for Prisma SaaS. ...
Assign Incidents to Another Administrator
Use Bulk Incident to assign a group of incidents to another Prisma SaaS administrator or assign incidents individually. ...
Change Sharing SaaS applications make it easy for users to collaborate and share information in the cloud. However, tracking and controlling the different types of ...
View Asset Details
Learn about how Prisma SaaS displays detailed information about an asset violating a policy rule. ...