Top policy incidents report

Security dashboard

Supported editions for this feature: Frontline Standard; Enterprise Standard and Enterprise Plus; Education Standard and Education Plus; Enterprise Essentials Plus. Compare your edition

You can review the Top policy incidents report to see the top policies causing the highest number of incidents. The policies are organized by service (for example, Google Drive). Policies are ranked by the highest number of incidents during the specified date range. At the bottom of the chart, you see the total number of incidents for the top policies for Drive.

View the Top policy incidents report

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. In the Admin console, go to Menu and then Securityand thenSecurity centerand thenDashboard.
  3. In the lower-right corner of the Top policy incidents panel, click View Report.
  4. (Optional) To generate a spreadsheet with the report’s data, click Export Sheet. The spreadsheet is saved in your My Drive folder.

Customize your report

At the top of the report, use the date range filter to customize data in the report. Customize the report to view data from Today, Yesterday, This week, Last week, This month, Last month, or Days ago (up to 180 days).  Or, you can enter a Start date and End date. Click Apply after you set the date range. 

View the top policies

Under the Top policy incidents chart, you can see a table that lists the top policies causing the highest number of incidents for the selected date range.

The table lists these details: 

  • Name of the policy that was broken
  • Number of incidents for the policy
  • Percentage change rate since the last time period
  • Resource count

Tip: To narrow down the incidents in the table, use the filters above the list.

View the top classifiers

You can see a table of the top classifiers. To see the table, under the Top policy incidents graph, click Classifier.

The table lists these details: 

  • Classifier name
  • Number of incidents for the classifier
  • Percentage change rate since the last time period
  • Resource count
  • Number of high, medium, and low-severity incidents for the classifier

Tip: To narrow down the classifiers in the table, use the filters above the list.

View the top resources

You can see a table of the top files, messages, or other resources that contributed to the top policy incidents in the chart. To see the table, under the Top policy incidents graph, click Resource.

The table lists these details: 

  • Service name (Drive)
  • Title—Name of the Drive file 
  • Owner of the Drive file
  • Number of incidents that occurred
  • Number of policies that were triggered for a given Drive file
  • Number of matched classifiers

Tip: To narrow down the resources in the table, use the filters above the list.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
13934976048461024848