Running a Manual Scan

Procedure

1. Add at least one Advanced Threat Protection or Data Loss Prevention policy.
   For details, see Adding Advanced Threat Protection Policies and Adding Data Loss Prevention Policies.
2. In the Actions column of a policy, click .
3. Under Scan Type, select whether to scan the service data with or without taking actions on any violation.

   Note The Scan only type applies to Office 365 services and Gmail only. For Box, Dropbox, and Google Drive, Scan Type does not appear. Cloud Email and Collaboration Protection always scans the service data and takes actions configured in the policy on any violation.

4. Under Scope, select the time range to scan.
   You can specify the time range down to minute.
5. Under Report Recipients, type the email addresses of the users to receive the scan report.

   Note This option applies to Office 365 services and Gmail only.

6. Click Scan Now.
   A manual scan starts.
7. During scanning, click Scanning... next to the policy name, and then on the screen that appears, hover over Summary in the Manual scan status column.
   The scan summary screen appears, showing the total number of email messages, sites, or files scanned and skipped.

   To cancel the manual scan, click Stop Scan.
8. Wait until the manual scan is completed.
   A scan report is generated and sent to the specified recipients.

   To check the scan summary on the console, click View report. The detailed information includes:

   • Scan start time
   • Last scan time
   • Scan type
   • Scan status
   • Number of mailboxes, users, or sites scanned and skipped
   • Number of email messages or files scanned
   • Number of files blocked, malware detected, and suspicious URLs (for Advanced Threat Protection policies)
   • Number of data loss events detected (for Data Loss Prevention policies)

   To check the scan logs, Click See details. The Logs page appears, showing the log information about the manual scan.