Version 4.0 introduced the ability to scan and report on Microsoft 365 storage repositories. These include SharePoint document libraries, OneDrive for Business drives, and Team drives.
This report focuses on files that are located in Team chat file locations.
New with version 4.0 is ability to scan and report on permissions and sharing within Microsoft 365. Know how the permissions are set and how files are sharing can make a large impact on how well a company’s data is protected.
This report comes in a couple of formats. First a custom paginated format and secondly a CSV based format.
Summary
New with version 4.0 is the ability scan your Microsoft 365 tenent. The filename extension report helps you see what applications are being used, by way of the filename extensions used.
This report includes both the summary and detail sections you maybe used to from the built-in reports. The query can be filtered by drive_categories by modifying line 53.
New with version 4.0 is the ability to scan for truely duplicated files in Microsoft 365. Version 4.0 collects the content hash from the files in Microsoft 365 so that the duplicates can be found and remediated.
Duplicated files can be simply redundant taking up extra space or they can be a security risk. Files get downloaded from SharePoint where the security is more regulated to someones OneDrive or MySite and then shared. This could potentially be a big problem.
New with version 4.0, comes the ability to scan your Microsoft 365 tenant and create reports from the data found in the Document Libraries and One Drive File Systems.
This report focuses on the when the files in the desired drive_categores were last modified by year. The report layout includes both Summary and the Detailed Reports.
Details
This report capitalizes on the ability of version 4.0 to scan your OneDrive for Business storage. Individuals within your company may be sharing out your companies IP with little regard for security. This report is limited to the list of all sharing links located with discovered User OneDrive for Business drives, and does not include Direct Access permissions.
Details
This report combines file extensions in to categories. The report uses the srs.current_fs_scandata database view which limits the scope to current scans only. The scope is further limited by the sd.fullpath LIKE portion of the sql where clause. If you remove it, the report will run across all current scan_data.
This recipes comes in two versions, a Detailed version and a Summary version.
You will need to modify the path line 32 of the desired query.
This report utilizes the new added Microsoft 365 scanning features of version 4.0. The 4.0 tenant scan prompts the new Agent365 to collect a hash of the file content and store the hash in the database where it can be use to compare against other files that match in content.
This query is designed to show show the different joins work together to get the desired data.
Copyright © 2021, Condrey Corporation