# Historical Scan Detection Rules Some Nightfall integrations (e.g. Nightfall DLP for Google Drive) offer options for both historical and real-time scanning. Some organizations wish to minimize the amount of real-time alerts they receive daily but still want to maintain a comprehensive data scanning and protection strategy. One option is to create Detection Rules for real-time scans that are limited to the types of sensitive information that are most critical or highest risk to your organization. Then, leverage broader historical scans to capture less critical risks on a routine cadence, when your team can plan resourcing in advance (e.g. monthly or quarterly). ### Running Historical Scans Nightfall can fully manage historical scan executions on your behalf to scan data in your SaaS applications. Due to the sheer volume of content that can amass in cloud apps over time, historical scans can be very resource-intensive and may take days or more to process. As such, we advise against running broad historical scans all at once. Instead, we recommend that you prioritize certain detectors based on your organization’s definition of critical violations and limit the scan to a specific date range (e.g. one month at a time). Then, you can request the Nightfall team ( or contact your customer success representative) to run a historical scan on a SaaS application of interest. Upon completion of the historical scan, Nightfall will share a risk assessment report with an overview of the highest severity findings, highest risk files or resources, users with the most number of violations, the total amount of data scanned, and more. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.nightfall.ai/detection_platform/historical_scan.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.