Auvik ‘Quick Scan’ functionality works in the background with some applications and pulls data from logs to identify the usage of those SaaS applications for ASM users. This allows users to see what users are using retroactively without having to wait for data to be generated with live usage. You don’t have to wait for things to happen, we can capture users, events, and apps retroactively for the past 30 days. Data is captured from both the ASM browser Extension and integrations with Azure/Google Workspace.
To see which SaaS programs have been scanned:
- Go to the Admin Hub
- Click on Applications
- A list of Applications will appear to the right of the menu. Scroll through the list to find the SaaS application you are looking for.
- An application with this badge will indicate that it has collected data from Browser Logs.
- Alternatively this badge under Source will also indicate the same.
To access the Browser Logs that holds this data:
- Go to the Admin Hub
- Click on Security Logs
- A screen of Application Security Logs charts will appear.
- Scroll down to the All Applications list
- Type the desired application into Search to filter the logs
- Click the required log to see the Activity Metadata
Note: Identifying pieces of metadata have been hidden in this screenshot.
- Details such as URL, IP Address, Browser, Browser Profile, Action, Time UTC and Timestamp will be displayed in the metadata
This functionality currently works with all the Chromium based browsers, such as Chrome and Microsoft Edge.