The unusual data activity report lists the devices for which inSync detected anomalous behavior. Typically, a device is flagged and listed in this report if some of the following trends were observed for files and folders configured for backup on the device:
- Large number of files deleted
- Large number of files added
- Unwarranted modification of files
- Suspicious encryption of files (inSync checks if a minimum of 100 files are encrypted)
Following fields describe the report:
|User Name||Name of the user.|
|Data Sources||Data Source name on which unusual data activity was detected.|
|Affected Snapshot||Date and time of the snapshot in which inSync detected unusual data activity.|
|Last Known Good Snapshot||
Date and time of the snapshot that was created before unusual data activity was detected. inSync uses 33 snapshots to generate a trend. If, in the 34th snapshot inSync detects an anomaly, 33rd snapshot is the last known good snapshot. If inSync detects an anomaly in the 46th snapshot, 45th snapshot is the last known good snapshot.
Date and time format of the snapshot is: MMM DD YYYY HH:MM.
Description of the anomaly.
If a single type of anomaly is detected (either files were deleted, modified, added, or encrypted), you can see one of the following messages in the Anomaly Detected field:
If multiple anomalies are detected, the detected anomalies are listed as comma separated values. For example, if multiple files were added and deleted, you can see the message as New Files, Deleted Files. If all the anomalies are detected, the value of the Anomaly Detected field is New files, Updated files, Deleted Files, Encrypted Files.
The number of deleted, updated, and new files is the actual number of files deleted, updated, and created in the snapshot. For the number of encrypted files, inSync checks if there are a minimum of 100 or more encrypted files.
|New files||Lists the number of new files created in the affected snapshot.|
|Deleted files||Lists the number of files deleted in the affected snapshot.|
|Modified files||Lists the number of files for which the content has changed in the affected snapshot.|
|Encrypted files detected||Lists the number of encrypted files detected in the affected snapshot.|