Create reports for Shield actions/tracking
Create reporting for Shield activities, including the following:
1) Classifications applied by their name (i.e. 'externalpublic used on 157 folders/files'). This would help determine popular and unpopular classifications.
2) User who applied the classification label and each time they applied one (i.e. Person A applied shield classification labels on 10/1, 10/2, 10/3, etc). Helps see who is using the labels and how frequently.
3) User and which label they applied (i.e. Person B applied the externalpublic label on 10/1, 10/2, 10/3, etc.). Helps see a combo of the above two bullets.
4) Number of times a shield classification label prevented file/folder sharing (i.e. internal_only label prevented 300 files/folders from being shared externally). Doesn't have to be a deep dive into which folders, just some gauge of how effective the labels are at stopping things from being shared incorrectly.
Ed Cox commented
Auto classification should also send email to the admin account or better yet have a drop down where it shows them so you can review and address them as needed.
Admindaphnezhao (Admin, Box) commented
Re: 1), 2), 3), today Metadata API provides logs when a file/folder has classification applied, edited, removed and by whom. Customers can aggregate the logs in a SIEM like Splunk, QRadar, etc., and create desired views in their SIEM's dashboard/generate desired report from the SIEM. Making it an enterprise report on Box is TBD.
Re: 4) Shield classification-based access enforcement logs is on the roadmap. External collaboration restriction logs is planned for Q4 FY21.