Running Historical Scans

Due to the sheer volume of content that can amass in cloud apps over time, historical scans can be very resource-intensive, and may take days or more to process. As such, we advise against running broad historical scans all at once.
Instead, we recommend that you prioritize certain detectors based on your organization’s definition of critical violations and limit the scan to a specific date range (e.g. one month at a time). Then, run subsequent scans to cover the remaining date ranges and remaining detectors, excluding content that you’ve already scanned.

Historical Scanning Error Types

When running historical scans & reviewing their results, it is important to understand what potential errors may arise. The output of your historical scan will contain both sensitive findings, as well as verbose error rows. There are types of errors that you may observe in your scan output. Please find below:
Unsupported file type
The list of supported file types for historical scans can be found below:
  • plaintext
  • Office file types - Google office, Open office, Microsoft Office
  • pdf
  • html, xml
  • jpeg, png, etc
  • compressed files (zip, tar, etc)
For file types that are not supported, the 'Unsupported file type" error will be seen in the historical scan results.
Unable to access or process file
Most commonly this error arises in situations where former (now deleted) users have pages or projects that are being scanned. Thus, this content is no longer accessible by anyone, including Nightfall. For example, if the Author Name is Former user (Deleted) this would be the case.
Less commonly, for specific integrations where it is possible to install via a non-admin user, this error can also arise if there is a file that cannot be accessed by the user that installed the Nightfall integration because our service may inherit the scopes of the installer.