The Search Detail Summary page gives you complete details on a selected search. You will see the status of your search including the matched files and collected files along with the search criteria, file-level results along with details of each endpoint requested.
Details of each grid area are listed below.
Search Details Summary
Once a search is executed, you will be able to view the status of a search in the upper left corner of the search details summary. Using the refresh button located throughout the interface will refresh the results of the page as files are brought back to the results grid. The status grid contains the following elements:
- Matched Files - Displays total file count of executed search
- Matched (MB) - Displays total megabyte size of executed search
- Collected Files - Displays total collected file count of executed search*
- Collected (MB) - Displayes total collected megabyte size of executed search
- Status - Consists of three states: Queued, Searching, Complete
- Queued indicates that endpoints are currently waiting to pickup a command to search
- Searching indicates that endpoints are actively searching and returning results
- Complete indicates that all endpoints have completed their searches
Search Details Status Window
The criteria by which a search was executed is displayed in the criteria area. Click on the arrows to expand the fields for a more complete view. If you would like to export your results to a spreadsheet, simply click the Export to Excel in the upper right corner of the grid. If you would like to maximize your grid to the entire screen, simply click on the expansion/contraction button to the right of the export button. Your grid will now maximize to the entire screen. To return to the original size and position click on the button again.
Search Details Criteria Window
As your search progresses The results grid displays file-level information from your search. It includes the following fields:
File Name - File name as shown on the endpoint including the file extension
Risk Score - The sum of all credit cards and social security numbers identified in a specific file
Keyword Match - If using keywords Interrogate will display a snippet of text along with the first word highlighted in yellow
Deleted - If a file has been deleted from the endpoint, a deleted flag will be displayed
Computer Name - The name of the endpoint computer
File Owner - File owner is automatically identified by the Interrogate endpoint service when indexing files
Extension - A file's extension (a file is NOT required to have an extension)
Local File Path - The path to the local file on the endpoint
SHA1 Hash - A file's hash value. Hash values are automatically calculated by the endpoint service during indexing
File Size - The file's size in megabytes
Doc Date - Document dates displayed are as follows:
Document Type | Display Date |
Date Sent or Date Last Modified | |
File (Loose File) 1st Method | Date Last Modified |
File (Loose File) 2nd Method | Date Created |
File (Loose File) 3rd Method | Field Left Empty |
Search Details Results Window