A New Range of Searches in GAT’s New Drive UI

GAT+ Drive audit new UI has introduced a whole range of new searches, from simple metadata searches, to complex filter built searches (now with AND, OR, NAND, and NOR) to three new long (or background searches), covering complex filters over very large drive spaces, full content over every file and deep folder tree searches.
There has never been a more powerful way to find what you are looking for on your domain G Suite Drive.
Drive audit new UI has introduced a whole range of new searches

Google Drive: File Type Search

The file type table in Drive audit shows all of the files across your entire domain. Once you click on a particular file category, the filter will be applied and those files will appear in the Drive result table so you examine them in greater detail.

GAT+ File Type Search

When it comes to Google Drive, GAT returns all document details for all users by default. You can filter by any selection range using the custom filters button.

Apply custom filter

Once these results are returned you can then add further filter criteria on top of the Type filter.

For example:

Drive files filter

Note:  This search will return files of type Spreadsheet and which are also shared out of your domain.

 

Remember if this is a frequent search, you can ‘Apply & Save’ it.

[Feature Update] Easily Assess and Edit G Suite Groups

Edit Memberships in G Suite Groups

G Suite Admins, have you ever needed to copy a whole group in your domain just so you could add or remove a user from an existing group?

GAT+ now makes this easy with a single ‘Copy Group’ option for every existing group. You can then use the Admin console to update the membership list of the copied group.

copy an entire group with GAT+

 

Quickly Inspect and Delete G Suite Groups

Group management can be a tiresome exercise in the G Suite Admin console. GAT+ now lets Admins inspect groups and delete them quickly after inspection.

 inspect groups and delete them quickly with GAT+

[New Feature] Scan and Protect Google Drive files with GAT+ DLP

For those domains that have and use Drive DLP from Google, reporting can be a real pain. GAT+ now brings some order and focus to what is going on.
Here’s what you’ll see in GAT’s DLP dashboard:
1. The first diagram shows the number of DLP Drive events per day.
2. The second chart shows the number of Events per resource owner.
3. The third has information about how many of those events were related to Team vs Personal Drive.
copy an entire group with GAT+

Manage G Suite Permissions: List a User’s Folder Access Permissions

Sometimes, G Suite admins need to be able to see what documents and files a certain user has access to.
With GA+, you can run a quick report to see what documents (within your G Suite domain) are approved for a certain user.
In the Drive audit, you can create a rule and find all the files ‘used’ by a certain user (this means they own, can read, comment or edit them) and then exclude the files they own.
This will leave you with a list of all the files they can access, excluding the ones they own. See the screenshot below for further clarification.
see what files are accessed by a certain user in G Suite

How to Remove a G Suite User’s Access Rights

Easily remove G Suite users who have access to files they shouldn’t. Using GAT+ you can remove users from being editors or readers of files.

click to remove permissions

You can remove users by clicking on the drop-down menu next to their email address. The menu that appears will allow you to remove the user from one file or multiple files within the current filter which you have applied.

Here’s how you can remove deleted G Suite accounts as editors or viewers to Google Drive files.

Audit Google Team Drives Users and Activity with GAT+

Applying a search for Team Drive files

 

Use the exposure summary table in Drive Audit to quickly display all of the files within your Team Drive for all of your domain users.

Use the exposure summary table in Drive Audit

In the above example, our domain has a total of 1778 Team Drive files. Once you click on exposure summary table for Team Drive files a filter will be automatically applied with the following search parameter selected.

Drive files filter option

Don’t hesitate to build on top of this filter search. Let’s search for Team Drive files which have been updated in the past few months and which are images and docs only. Follow the steps below to achieve the same search:

  1. Clicked on the ‘Add rule’ button.
  2. Select the Updated search parameter and then select ‘after or equal’ and then enter the months of interest.
  3. After clicking on the ‘Add group’ button.
  4. Select the OR operator so the search parameters in this group will be OR’d together.
  5. The first search parameter was Type is equal to ‘Image’.
  6. Click on ‘Add rule’ button to create the second search parameter.
  7. The second search parameter was Type is equal to ‘Doc’.
  8. Apply the filter.

Click on the button ‘Show stats for the current filter’,

To know the exact number of Team Drive files which have been updated in the past few months and are images or docs. Click on the button ‘Show stats for the current filter’, this will run a search and calculate what file types are appearing for this current filter.

‘Stats for the current filter’ will take some time to generate the results.

The ‘Stats for the current filter’ will take some time to generate the results.

A look at what the "stats of the current filter" feature shows

View Events History for Team Drives

 

In the Files Tab of Drive audit, apply a search filter for Team Drive files, once the filter is applied click on the Events Tab. This will show you all of the events carried out on those files.

Click on the 'events' tab

expanded info in the feature

A Content Search Feature in the Drive Audit

We have included a tab in the new Drive Audit UI for ‘Content Search’. This search is equivalent to the ‘Full Text’ search but it will allow for safe searching of all the files in ‘scope’ for any string being searched for.

Seeing Everyone’s Future Events – Scheduling a Report for Newly Created Events

GAT+ Calendar audit provides an effective and efficient way to audit the security and exposure of your domain users calendars. Not only can you modify permissions on primary and secondary calendars, you can also audit calendar events, past and future. As with all GAT audits, you can audit for a user, group, OU or the entire domain. In this helpful guide, you will learn how to view all of the past and future events and you learn how to remove events and participants from them.

 

Schedule a Job to report newly created future events each day.

In the Calendars Audit, select the ‘Events’ tab.

1. Set the period to ‘future’, this will show all forward events set for the next year.

In the Calendars Audit, select the ‘Events’ tab.

2. Click on the ‘Apply custom filter’ icon to see only those created today (Select from today’s date)

Click on the ‘Apply custom filter’ icon to see only those created today (Select from today’s date)

3. Now click on the ‘Apply custom filter’ button again so we can schedule this filter to run automatically to provide us with a report of all of the newly created future events each day.

click on the ‘Apply custom filter’ button again so we can schedule this filter to run automatically

Make sure to set the occurrence to run ‘Every day – after midnight’. Don’t worry about refreshing the created date, GAT+ will automatically move that forward whenever this scheduled job runs.

Click on the ‘Apply & Schedule’ button to activate this scheduled job.

 

Event Management

Now that we know how to schedule for newly created events for each day, Let’s review other things we achieve within the Calendar Event area.

 

Some quick actions you can take on events:

  • Delete an event or all recurring events.

  • Delete particular attendees from an event or for all occurrences of that recurring event.

Delete particular attendees from an event or for all occurrences of that recurring event.

 

Scheduled Reports in the new GAT+ UI

Creating a Scheduled Job

In the new GAT+ UI, you can easily create a scheduled job on a particular filter you have applied. For example, if you want to report on files changed since yesterday and to receive a report on it every day you can click on the ‘Apply custom filter’ in Drive Audit.

click on the ‘Apply custom filter’ in Drive Audit

 

Select the following parameter ‘Updated’ and set it to yesterday’s date. Creating scheduled reports is done by clicking on the ‘Scheduled’ checkbox on the drive file filter menu.

Creating scheduled reports is done by clicking on the ‘Scheduled’ checkbox on the drive file filter menu

I will set this report to run ‘Every day – after midnight’ and make sure the Enabled checkbox is ticked.

 

You can share this report with multiple admins and or users by adding their email address into the ‘Recipients’ field.

 

Note: Since this scheduled job is reporting on files changed since yesterday and its set to run every day after midnight, GAT+ will automatically increment the yesterday date.

 

You may be interested in expanding the above report, to report on files shared in and changed since yesterday or files shared out and changed etc.

To do this, you can simply expand on the filter and add another filter parameter. Click on ‘Add rule’ and select the ‘Sharing Flags’ parameter and set it to ‘Shared in’.

Click on ‘Add rule’ and select the ‘Sharing Flags’ parameter and set it to ‘Shared in’.

This will report on files shared in and changed since yesterday.

 

Note: You can change the search parameters to report back on all file types and or exposures. For more details contact support@generalaudittool.com

 

Viewing your scheduled jobs

 

Under the Configuration area of GAT+ you can view all the scheduled jobs which have been created by super admins by clicking on ‘Scheduled Jobs’

Select 'scheduled reports'

In this section, you can modify existing scheduled jobs.

modify existing scheduled jobs