Skip to content

DATA RISKS

active_directory

ActiveDirectoryIrRemediationFailed

${username} unable to start remediation ${remediationType} for risks identified on the Active Directory domain controller '${dcName}'. Reason: ${reason}.
Severity Status Audit Event
Info Failure Yes

ActiveDirectoryIrRemediationStarted

${username} triggered remediation ${remediationType} for risks identified on the Active Directory domain controller '${dcName}'.
Severity Status Audit Event
Info Success Yes

data_risks

DataRisksPolicyCreated

${userEmail} created a new policy named '${policyName}'.
Severity Status Audit Event
Info Success Yes

DataRisksPolicyDeleted

${userEmail} deleted the policy '${policyName}', closing  '${violationsCount}' violations.
Severity Status Audit Event
Info Success Yes

DataRisksPolicyUpdated

${userEmail} modified the definitions for the policy '${policyName}'.
Severity Status Audit Event
Info Success Yes

EntraIDRemediationFailure

${userEmail} failed to remediate violation with '${violationName}' with '${remediationType}' on '${objectName}'. Error: ${reason}.
Severity Status Audit Event
Critical Failure Yes

EntraIDRemediationSuccess

'${userEmail}' successfully remediated violation '${violationName}'  with '${remediationType}' on '${objectName}'.
Severity Status Audit Event
Info Success Yes

ExportActionsLogRemediation

'${userEmail}' downloaded actions log for object '${resourceName} in '${tenantName}'
Severity Status Audit Event
Info Success Yes

ExportPermissionsRemediation

'${userEmail}' downloaded data access permissions for object '${resourceName}' in '${tenantName}'
Severity Status Audit Event
Info Success Yes

MipLabelRemediationFailure

Error while assigning the label '${labelName}' to ${failedDocumentCount}  documents detected in violation by user ${userEmail} for  violation '${policyName}' on object '${objectName}'. ${skippedCount} documents were skipped due to unsupported file types.
Severity Status Audit Event
Info Failure Yes

MipLabelRemediationSuccess

User ${userEmail} successfully assigned the label '${labelName}' to ${documentCount} documents detected in violation '${policyName}' on  object '${objectName}'. ${skippedCount} documents were skipped due to unsupported file types.
Severity Status Audit Event
Info Success Yes

OverExposureRevokeAccessRemediationFailure

'${userEmail}' failed to revoke '${accessType}' access from  '${documentCount}' files in object '${resourceName}'
Severity Status Audit Event
Critical Failure Yes

OverExposureRevokeAccessRemediationSuccess

'${userEmail}' revoked '${accessType}' access from '${documentCount}' files in object '${resourceName}'
Severity Status Audit Event
Info Success Yes

PolicyViolationStatusUpdated

${userEmail} changed the status of the violations '${policyName}' on  object '${objectName}' from '${oldStatus}' to '${newStatus}' .
Severity Status Audit Event
Info Success Yes

RemediationTriggered

${userEmail} triggered remediation action '${actionName}' on  violation '${policyName}' on object '${objectName}'.
Severity Status Audit Event
Info Success Yes

TicketCreated

${userEmail} created a ticket for violation through  '${ticketPlatform}' for '${policyName}' on object '${objectName}'.
Severity Status Audit Event
Info Success Yes