DQL report to show sensitive files/user activities for a given path
As you can tell, I'm brand new to the world of DQL and looking for help. My Data Insight 6.1 instance is integrated with Symantec DLP and gets the list of sensitive files from DLP. I created the dql below to report on ALL sensitive files in my environment, and it works good: FROM path GET absname, device.name, permissions.readable_permission IF issensitive = 1 FORMAT permissions as CSV AND device as CSV What I'm trying to do is get a list of sensitive files for a particular Windows file directory, not just everything, as well as output to CSV all user activites for those files within a given time period. Is that something that can be done within DQL? Thanks for your help with this one.