cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AIP Scanner Status report

Metzinger35
Copper Contributor

‎Apr 27 2020 08:09 AM - last edited on ‎Apr 08 2022 10:25 AM by

‎Apr 27 2020 08:09 AM - last edited on ‎Apr 08 2022 10:25 AM by

AIP Scanner Status report

Hello,

 

I'm looking to create some kind of report for the AIP scanner as its scanning share directories. It would be nice to know when it starts to scan a directory and when it the scanner has completed the directory. It would be nice to have it include all the directories and then give the status if it has completed scanning.

 

Is this possible with AIP and log analytics? I have been looking into this and haven't made it too far. Any help would be greatly appreciated.

1,016 Views
0 Likes
1 Reply
Reply
1 Reply
CliveWatson

‎Apr 27 2020 10:54 AM

‎Apr 27 2020 10:54 AM

Re: AIP Scanner Status report

@Metzinger35 

 

I think (and I have very little AIP test data) that you get one row in the logs per activity (or activity_s)

 

InformationProtectionLogs_CL
| where Activity_s == "Discover"
| project TimeGenerated , ['File Name']=ObjectId_s , DeviceId_s , DeviceRisk_s , Activity_s , UserId_s

 

https://docs.microsoft.com/en-us/azure/information-protection/reports-aip

 

Unless the Activity column changes i.e newlabel removelabel etc...

 

 

 

 

0 Likes
Reply