Learn how to filter records to discover and investigate high-risk events
Safetica NXT audits outgoing data transfers from endpoints on which it is installed and provides details about them to the admin. Since users may perform hundreds of such operations every day, Safetica NXT automatically determines their risk level based on how likely they are to cause a data loss.
There are 3 ways to filter high-risk events and see files that need your attention with the highest priority:
1. In Data security > Overview, click the high risk events link in the upper banner .
2. Click the Risk level filter icon in the Event overview table and select High.
3. To see high-risk events for a specific user, click the red number in the Events per user table.
High-risk events are always filtered in all the three main elements of the page – the Event overview table, the Events per user table, and the Events in time chart.
How to remove filters
You can see what filters are applied under the upper banner. To remove individual filters, click in the respective tag . To remove all filters, click the Clear all button on the right .
Best practice: Select high and medium-risk events in the Risk level filter and only disable it when you want to check the activities of specific users.
How to change time range
If you can’t see any results after filtering, try broadening the time range in the upper right corner of the screen. You can also pinpoint a more specific time by clicking and dragging your mouse in the Events in time chart.