Managing Google Drive Violations

When an end user violates a policy in Google Drive, a notification is generated based on the notification settings configured by you in the policy configurations.

This document explains where you can find notifications on policy violations and what actions can be taken. Nightfall recommends you to view the Nightfall Violations document and then proceed with this document.

Nightfall Violations Page

To view the Nightfall violations page:

Navigate to the Violations page in Nightfall.
Apply filters to view only Google Drive violations.

Click Apply.

(Optional) Modify the days filter to view historical violations. You can either select a standard time frame provided by Nightfall like Last 7 Days, Last 30 Days, and so on, or use the Custom Range option to specify a custom time frame.

Click the ellipsis menu on the right to view the available actions.

You can reduce the noise from known files repeatedly generating new violations by ignoring all violations in a specific file, keeping you focused on new, unknown risks. All current Violations and future violations generated by this file are automatically ignored.

You can also Undo the Ignore all action.

When you apply the Ignore all action:

All existing violations from the selected item are automatically marked as "Ignored" and moved to the Resolved tab.
An activity is created in the log entry to reflect the automated action on any violation that is automatically ignored.
Ignored automatically - "Auto-ignore is enabled for all future violations from this item.

Click on any violation to view the exact data that caused the violation.

Email Notification

When a data leak occurs, Google Drive sends an Email to end users, if they have configured Email as a Notification method in their Google Drive account.

PreviousCreating the Policy NextRemediation on Nightfall for Google Drive

Last updated 1 year ago

Was this helpful?