-Aug-01-2022-12-37-27-80-PM.png?height=120&name=Untitled%20design%20(1)-Aug-01-2022-12-37-27-80-PM.png)
Follow these step-by-step instructions to perform an advanced search
Step 1: Log in to your SysCloud account
Step 2: Open the eDiscovery search page
- On the navigation bar, click the Filter icon (funnel icon) to access the eDiscovery search page.
Step 3: Name your search
- On the eDiscovery search page, provide a name for your search to identify it easily.
- You can also add a description to specify the purpose or scope of the search.
Step 4: Choose the type of search
SysCloud offers two types of searches:
-
One-time search:
- This is a one-time execution of your search query.
-
Scheduled search:
- You can schedule searches to run automatically at regular intervals.
- Options include:
- Daily: The search runs every day.
- Weekly: The search runs once a week.
- Monthly: The search runs once a month.
To schedule a search, select the frequency before starting the search.
Step 5: Use discovery and action tags
- In the Search tags field, you can search using:
- Discovery tags: Tags such as "Ransomware alerts" or "Security & Compliance" to identify flagged files.
- Action tags: Tags like "Items on hold" (for legal hold actions) or "Archived" to locate files with specific actions applied.
- These tags help you quickly identify files with alerts.
Step 6: Add keywords to refine your search
- Use the Search text field to input keywords related to the data you are searching for. This allows you to pinpoint specific files, emails, or other data.
- If you want to include content-based results (e.g., searching within files or emails), ensure you check the Enable Content Search.
Step 6: Choose a category
- Select a Category for your search, such as:
- All clouds
- File
- Chat
- Others
- If you want to search across all backed-up clouds, select the “All clouds” option under the Category.
Note: Advanced filters are not available when you select All Clouds.
After selecting a category, you will see a list of associated apps. Deselect any apps you don’t want to include in the search.
Step 7: Use advanced filters for granular search
For detailed searches, use advanced filters to build complex queries. Here's how:
- Click on Advanced filters to open the filter options.
- Choose a Filter from the available metadata fields.
- Select a Condition (e.g., contains, equals).
- Enter the Value for the filter.
- To add more filters, click the “+” button next to the filter field. To remove a filter, click the “x” button beside it.
- To create multiple filter groups, click “+ Filter group.” Remove a group by deleting all filters within it.
- You can also include multiple categories in your search by selecting “+ Category” and applying advanced filters separately for each category. To remove a category, use the “- Remove category”.
You can switch between categories by selecting a different category. However, switching a category will remove any advanced filters previously applied to it.
- Use the Filter preview option to review the structure of your query.
- Adjusting operators:
- Filters within the same group are combined using the AND operator by default, and filter groups are combined using the OR operator by default.
- To change the operator, click on the AND/OR dropdown beside the filter or group heading.
- Any operator change will automatically apply to all filters within the same group or between groups
Step 8: Start the search
- Once you’ve finalized your filters, groups, and categories, click on the Start Search button.
If you want to include content-based results (e.g., searching within files or emails), ensure you check the Enable Content Search option before starting.
Let’s look at examples to see how you can perform an advanced search.
Example 1: Search for emails sent by "John Doe" on "01/15/2025" with the subject "Quarterly Report"
Use Case:
You want to find emails sent by John Doe on 01/15/2025 with the subject Quarterly Report. Both Gmail and Outlook will be included in the search by default. If you only want to search Gmail emails, you can remove Outlook from the list.
Steps to Build the Query:
- Go to Advanced filters and select the Email category.
- Select the apps included by default:
- Gmail and Outlook will be listed under the category.
- Deselect any apps if you want.
- Add the filters for the search:
- Filter 1:
- Select Received from as the filter.
- Condition: contains.
- Value: "John Doe".
- Click the “+” button to add another filter.
- Filter 2:
- Select Created date as the filter.
- Condition: equals.
- Value: "01/15/2025".
- Click the “+” button again to add the next filter.
- Filter 3:
- Select Subject as the filter.
- Condition: contains.
- Value: "Quarterly Report".
- Filter 1:
The AND operator will combine the filters in this group.
Verify the filters in the “Filter preview”
Click Start search to get results matching your query.
Example 2: Search for files OR emails containing "Project Phoenix" from Alice Smith
Use Case:
You want to search for:
- Emails sent by Alice Smith containing the keyword Project Phoenix.
- Files with the name Project Phoenix created after 01/01/2025 in Google Drive.
Steps to Build the Query:
- In the Search text field, enter "Project Phoenix" to look for files and emails with this keyword.
- Add the Email category:
- Select the Email category.
- Keep both Gmail and Outlook selected by default.
- Add additional filters:
- Filter 1:
- Select Received from.
- Condition: contains.
- Value: "Alice Smith."
- Filter 1:
- Add the File-based category:
- Click + Category and select File-based.
- Keep Google Drive selected.
- Add filters:
- Filter 1:
- Select Document title.
- Condition: contains.
- Value: "Project Phoenix."
- Click the “+” button to add another filter.
- Filter 2:
- Select Created date.
- Condition: >
- Value: "01/01/2025."
- Filter 1:
Click Start search to get results matching your query.