Running a Manual Scan

Running a manual scan performs an on-demand scan of targets based on the selected policy configuration.

For details about manual scans at Manual Scan.


Manual scan is not applicable for Microsoft Teams (Chat).

  1. Add at least one Advanced Threat Protection or Data Loss Prevention policy.

    For details, see Adding Advanced Threat Protection Policies and Adding Data Loss Prevention Policies.

  2. Select a policy and then click Run Manual Scan.

    The manual scan setting screen appears, showing the policy summary, scan type, scan scope, recipients of the scan report.

  3. Under Scan Type, select whether to scan the service data with or without taking actions on any violation.

    The Scan only type applies to Office 365 services and Gmail only.

    For Box, Dropbox, and Google Drive, Scan Type does not appear. Cloud App Security always scans the service data and takes actions configured in the policy on any violation.

  4. Under Scope, select the time range to scan.

    You can specify the time range down to minute.

  5. Under Report Recipients, type the email addresses of the users to receive the scan report.

    This option applies to Office 365 services and Gmail only.

  6. Click Scan Now.

    A manual scan starts.

  7. During scanning, click Scanning... next to the policy name, and then on the screen that appears, hover over Summary in the Scan Details column.

    The scan summary screen appears, showing the total number of email messages, sites, or files scanned and skipped.

    To cancel the manual scan, click Stop Scan.

  8. Wait until the manual scan is completed.

    The message "Completed" appears in the Scan Details column, and the Scan History link appears in the Rules column.

    A scan report is generated and sent to the specified recipients.

    To check the scan summary, hover over Scan History. The detailed information includes:

    • Scan start time

    • Last scan time

    • Scan type

    • Scan status

    • Number of mailboxes, users, or sites scanned and skipped

    • Number of email messages or files scanned

    • Number of files blocked, malware detected, and suspicious URLs (for Advanced Threat Protection policies)

    • Number of data loss events detected (for Data Loss Prevention policies)

    To check the scan logs, Click See details. The Logs page appears, showing the log information about the manual scan.