Here, you are mapping activities of custom apps involving content uploads or downloads or any other activities to include in the MVISION Cloud deployment. To map and record activities, you'll first need to install the MVISION Cloud Record plugin. This plugin is only supported on Chrome. No other browsers can be used to record activities.
Be sure you're totally ready to record activities before beginning. Any actions you take in the browser are recorded, so you'll want to concentrate just on the activities in the app that you want to map. If at anytime you need to pause or stop recording, you can always return to the app and record additional activities. All HTTP requests will show up when mapping an activity. (WebSockets are not supported.) Some apps will naturally be easier to map because of reasons such as distinguishing different actions with different paths, having self-explanatory path names, etc.
To map activities:
- Make sure the app you're creating is at the Get Started (step 1) screen of the Mapping app. If not, go to the Custom Applications page and click Map to the right of the app you'd like add activities to.
- When prompted, click MVISION Cloud Record at the top right of the screen to begin recording activities.
- Perform the activities you'd like to map as traffic that MVISION Cloud should extend monitoring to. This includes logging in to your app, uploading or downloading data, and any other important steps that you want to include in your MVISION Cloud deployment.
- If the action can't be found, it's recommended to isolate the individual action you want to capture. The extension has a pause button that can help:
- If something in the app can't be captured because it was download in a new window, a pop-up, etc., you can change the extension settings to capture all windows of the browser. (Be sure to switch it back afterwards.)
- Click Stop when you're done recording. (You can always go back and add more activities.)
- When you stop recording, you'll see a list of activities that were recorded. Now you'll need to add a bit more information to each activity. Click any activity, then click Map in the side panel.
- Under General Information, enter any missing information for the following:
Name. Edit the name of the activity.
Description. Enter or edit an optional description.
Activity Category. Choose an Activity Category that describes the activity.
- For Matching Rules, you'll double-check settings for URLs that will be included in the custom app and that will have DLP polices added to.
URL. The automatically-generated URL. This can be blank if an activity is not related to a URL.
Host. The host of the app. Select Convert to RegEx if you'd like to use a wildcard (*) to make the host less specific.
Path. The path
Query Parameters. If you'd like to append a regex query to the URL, click Convert to RegEx and then type it.
Method. If needed, choose GET, POST, PUT, or DELETE.
Object Identifier. If your URL includes an identifier, type that value (exactly as it appears). This value is used to make the generated expression.
Generated Expression. Puts together all regex values together into an expression that's appended to the URL.
- For Policy Enablement, choose to enable or disable DLP and Cloud Access Policies for the activity. Then click Save.
- Repeat these steps until all activities have been properly mapped.
- Click Done. This saves all your work.
After recording activities with the extension, the mapping page will sort the recorded HTTP requests from oldest to newest. We will automatically detect certain options: login, upload, download, and form submissions. If you have knowledge of the app, there should be enough information to see if the request is correct by looking at the Type, Request Type, and Response Type.
If the action performed isn't an automatically detected action, you can change the filter settings. For example, below we recorded an action in the app where we searched for the phrase "testphrase". This doesn't fall into the automatically detected activities. To look for this action, we changed the filter options to show "All Activities" of response type "JSON" with the text "testphrase" somewhere. The hints, query parameters, and form data can help with checking whether this is the activity you want to have mapped.
Additionally, some types such as image assets are hidden by default. That can be enabled from the "Captured Types" section above.