Skip to main content
All CollectionsHOW-TO guides
How to use the Investigation Center - your ability to see all your assets in SaaS tools
How to use the Investigation Center - your ability to see all your assets in SaaS tools
Reco Product Management avatar
Written by Reco Product Management
Updated over a year ago

The inventory feature is a powerful tool that allows you to manage and monitor all the assets in your organization. It gives you complete visibility into your organization's digital footprint, and provides you with the necessary insights to make informed decisions.

The inventory feature provides the following benefits:

  • Complete visibility into your organization's SaaS assets

  • The ability to monitor all the assets in your organization, who has access to them and what events are happening on them

  • Improved asset management capabilities

  • Insights for informed decision-making

The inventory consist of tables that you can filter using the drop down menu . Below are the further details for each table

Assets

The assets table contains information about all the assets in your organization. It provides information about:

  • Asset name - the name of the asset

  • Asset type - the type of asset (e.g., document, spreadsheet, presentation)

  • Asset location - where the asset is located (e.g., Google Drive, Dropbox)

  • Asset owner - the user who owns the asset

  • Last modified - when the asset was last modified

  • Access level - who has access to the asset (e.g., public, private)

  • Source - the source of the asset (e.g., Google Drive, Dropbox)

Users

The user table contains information about users in your saas tools. It provides information about:

  • User name - the username of the person appearing in the saas tool

  • User email - the email of the person

  • User groups - what groups the user is a part of

  • Category - whether the user is external, inactive

  • Domain - the domain the user is in

  • Department - what department the user is in

  • Former employee - whether the user is a former employee

  • Active - is the user still active according to the reco analysis

Emails

The email table contains all information about emails sent and received by the organization. This includes:

  • Subject - the subject of the email

  • Sender - the sender that sends the email

  • Recipients - the recipients that received the email

  • Number of attachments - if there were attachments

  • Sent time - when was the email sent

  • Source - what is the source the email is received or sent by

Groups

The groups table contains information about groups in your organization. That includes:

  • Group name - the name of the group

  • Group description - the description the group was given

  • Number of users - how many users are in the group

  • Group email account - if there is an email account associated with this group, it will show in the column

  • Source - the source that the group is managed in

Channels

The channels table contains information about instant messaging channels. That includes:

  • Channel name - the name of the channel

  • Public - whether the channel is public or private

  • Externally shared - whether it was external or internal

  • Number of assets - the number of assets shared in the channel

  • Users - the users that are in the channel

  • Created at - when the channel was created

  • Source - the source of the channel

Events

The Events table in the inventory contains information about all the events that were done in SaaS tools by specific people. The table provides valuable insights into the actions and behaviors of users, making it an indispensable tool for monitoring and securing your organization's assets.

The Events table includes the following columns:

  • Source: This column shows the name of the SaaS tool that the event was done in.

  • Asset Name: If the event was done on a specific asset, such as a file or document, this column will show the name of that asset.

  • Asset Link: If there is a link associated with the asset, it will show in this column.

  • Owner: This column shows the name of the owner of the asset that the event was done on.

  • Actor: This column shows the name of the user who performed the event.

  • Event Type: This column shows the type of event that was done. Here is a list of all the event types supported in the Events table:

    • file_read_event - someone read the file

    • file_write_event - someone wrote to the file

    • share_in_drive- someone shared the file in the drive

    • shared_with_file_via_drive - someone shared the file via the drive application

    • send_file_in_slack_channel_event - someone sent a file in a slack channel

    • shared_with_file_in_slack_channel - someone shared the file through Slack

    • send_file_in_email - someone shared a file in an email

    • shared_with_file_via_email - someone shared a file in an email

    • shared_in_domain_event - someone exposed a file to the entire domain

    • shared_publicly_event - someone exposed a file publicly

    • saved_on_private_drive_event - someone saved a file on a private drive

    • revoke_public_link - someone revoked an exposed file that was open publicly

    • shared_with_external_channel - someone shared a file in an external channel

    • github_download_event - someone downloaded from Github

    • github_share_repository_event - Someone shared a repository in Github =

    • github_shared_with_repository_event - Someone shared a repository in Github

  • Affected Email: If applicable, this column will show the email that received the file or email associated with the event.

  • Action Time: This column shows the time that the action was initiated.

  • Direction: This column shows the direction of the event - whether it was from the user or to the user.

  • Action Label: This column shows the action that was performed. Here are the possible action labels supported in the Events table:

    • edited

    • organized

    • deleted

    • invited

    • rsvp

    • created

    • received_by

    • sent

    • view_file

    • download_file

    • edit_file

    • create_file

    • upload_file

    • subscribed

    • copy_file

    • trash_file

    • rename_file

    • uninvited

    • move_file

    • print_file

    • unsubscribed

    • untrash_file

    • attached_to

Code Repositories

The Code Repositories table contains information about all the code repositories in the organization. It provides information about:

  • Repository name: The name of the repository.

  • Visibility: Whether the repository is public or private.

  • Owner: The user who owns the repository.

  • Collaborators: The list of users who have access to the repository.

  • Archived: Whether the repository is archived or not.

  • Last push: The date of the last push to the repository.

The Inventory feature is a powerful tool that enables organizations to gain insights into their data usage patterns, identify risks, and optimize their processes. By collecting and organizing data from various sources, the feature provides a comprehensive view of an organization's digital assets. This, in turn, helps organizations make informed decisions about their data usage, improve their security posture, and achieve better compliance with data protection regulations.

If you have any questions about the Inventory feature, please feel free to reach out to our support team.

Did this answer your question?