Skip to content

Realtime Scanning

By default, Privacera Discovery scans resources that are added to an application (realtime scanning). When a parent resource entry is added to the Include Resource tab of the Data Source page, any changes to that resource is monitored such as a file being added to a folder or table being added within a database. On detection of those events, a real time scan is initiated on newly added resource.

To scan the resource in realtime, the application should be enabled and resource should be added to the Include Resource tab in the application.

Realtime scan is supported on the following datasources:

Supported Datasources for Realtime Scan

Cloud AWS S3 Azure ADLS GCP Google Cloud Storage GCP Google BigQuery
AWS
Azure
GCP

Prerequisites

Make sure following prerequisites are met for supporting realtime scan:

  1. Application is configured, and a successful test connection has been established.

  2. Ensure that the Enable Real-Time toggle is enabled under APPLICATION PROPERTIES at the time of application configuration.

  3. Make sure Realtime Scan configuration is done on respective (AWS, AZURE or GCP) console depending on the cloud environment by following steps given here

Procedure for Enabling Realtime Scan On Privacera Portal

  1. Go to Discovery > Data Sources.

  2. From the Applications list, select the application.

  3. Click ADD.

  4. Add Resource for realtime scanning by following steps given here.

    Important

    Ensure that the value for the Scan Type field is set to Scan.

  5. Click SAVE.

  6. Go to Cloud console and upload a file in folder which added as a resource in preceding step.

Procedure for Validating Realtime Scan On Privacera Portal

  1. Under Diagnostics > Health Check > Kafka/Kinesis or Pub/Sub topics , check for audit consumption in the following kafka topics:

    1. For S3: privacera_scan_woEnablingrker_aws_s3_{DEPLOYMENT_ENV_NAME}

    2. For ADLS: event_hub_{DEPLOYMENT_ENV_NAME}

    3. For GCS: privacera_audits_{DEPLOYMENT_ENV_NAME} belongs to privacera_googlecloud_audits_group_{DEPLOYMENT_ENV_NAME}

    4. For GBQ: privacera_audits_{DEPLOYMENT_ENV_NAME} belongs to privacera_googlebigquery_audits_group_{DEPLOYMENT_ENV_NAME}

  2. Under Reports > Built-in Reports > Scan Summary Report, Check scan entry of uploaded file in resource with Realtime scan as a reason.

  3. Under Data Inventory > Classifications > Check the Classifications for the Scanned Resource.

Comments