# INSIGHT FAQs
How do I monitor ChatGPT and other AI tools?
You can monitor ChatGPT, Claude, and other AI or generative-text applications through the Risks Summary Dashboard, Risks Dashboard, General Dashboard, and SharePoint Dashboard (for Microsoft 365 sites).
When you install the INSIGHT Agent on your endpoint devices, it automatically tracks the usage of both approved and non-corporate applications. This includes AI tools opened in browsers or as desktop apps.
To view AI-related activity:
Go to the **INSIGHT Dashboard** and see the following widgets:
| **Dashboard** | **Widget Name** | **Purpose / Summary** |
| ---------------------- | ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------- |
| Risk Summary Dashboard | Usage of AI Tools | Detects when users access or upload files to AI-powered platforms like ChatGPT, Copilot, or Bard. |
| Risks Dashboard | Use of Monitored Non-Organisational Applications Summary | Displays the total users who accessed or interacted with AI or unapproved applications such as ChatGPT.exe. |
| | Use of Monitored Non-Organisational Websites Summary | Tracks users visiting AI-related websites. |
| | Keystrokes Summary | Detects sensitive or monitored phrases typed into applications or web tools, including AI chat prompts. |
| | Uploads of Data to Non-Corporate Websites Summary | Identifies files uploaded to public or non-corporate websites, including AI web platforms. |
| General Dashboard | Website Text Summary | Detects when sensitive text or keywords are entered or posted on external sites such as AI chat interfaces. |
| | Website Uploads Summary | Tracks file uploads through browsers, including potential uploads to ChatGPT or similar tools. |
| | Keystrokes Summary | Monitors sensitive words typed on local devices that may indicate data entry into AI platforms. |
| SharePoint Dashboard | SharePoint File Download Logs by File Name | Displays files downloaded from SharePoint that could later be uploaded to AI tools. |
| | SharePoint External File Access Logs by File Name or by User Name | Shows external users accessing files, helping correlate with potential AI data uploads. |
{% hint style="info" %}
Ensure that ChatGPT and other AI platforms are listed in your **Monitored Non-Organisational Applications** configuration in the INSIGHT Management Console so that INSIGHT can categorise them correctly and include them in your dashboards.
{% endhint %}
How do I monitor the usage of specific websites in the dashboard?
You can monitor visits to specific websites, such as file-sharing, social media, or AI tools, through the Risks Summary Dashboard, Risks Dashboard, General Dashboard, and SharePoint Dashboard (for Microsoft 365 sites).
| **Dashboard** | **Widget Name** | **Purpose / What It Shows** |
| ---------------------- | ----------------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
| Risk Summary Dashboard | Usage of Non-Corporate Websites | Shows how much time users spent on non-corporate or unapproved websites. |
| | Data Transfer using Non-Corporate Websites | Displays the number of files uploaded or transferred to public or non-corporate websites. |
| Risks Dashboard | Use of Monitored Non-Organisational Websites Summary | Displays the total users and total duration of activity on monitored non-corporate websites. |
| | Uploads of Data to Non-Corporate Websites Summary | Tracks the total number of files uploaded to public or non-corporate websites. |
| | Use of Monitored Non-Organisational Websites | Lists rule-based violations for access to monitored websites by user and URL. |
| | Uploads of Data to Non-Corporate Websites | Displays detailed violation logs for file uploads to unapproved or external websites. |
| General Dashboard | Website Uploads Summary | Displays total files uploaded to both corporate and non-corporate websites. |
| | Website Text Summary | Detects sensitive text or phrases posted on websites, such as in forms or chat fields. |
| | Website Incidents | Lists website-related violations by URL, rule, and user, showing potential data exposure. |
| | Productivity | Shows time spent on websites categorised as productive, unproductive, or uncategorised. |
| SharePoint Dashboard | SharePoint External File Access Logs by File Name or by User Name | Displays external user access activity through SharePoint URLs. |
| | SharePoint Anonymous Link Creation by File Name or by User Name | Shows creation of public or anonymous file-sharing links within SharePoint. |
{% hint style="info" %}
For focused analysis, you can create a **Custom Dashboard** that tracks specific websites, applications, or high-risk users.
{% endhint %}
If I change the format of a protected file (for example, saving a DWG as a PDF), is the new file still protected?
Yes, GuardWare PROTECT ensures that when a protected file is saved or exported into another format or extension (for example, DWG to PDF), the newly created file is also protected.
I want to monitor sensitive financial information. How do I do that?
You can monitor exposure of financial data, such as credit-card numbers, bank details, invoices, or payroll files, using **Data Loss Prevention (DLP)** rules and dashboard widgets.
1. **Create DLP Rules:**
1. Add rules to detect financial patterns (e.g., credit-card or BSB numbers) and keywords like *invoice*, *salary*, or *bank account*.
2. Apply rules to emails, uploads, SharePoint, and endpoint monitoring.
2. **Watch Key Widgets:**
| **Dashboard** | **Widget Name** | **Purpose / What It Detects** |
| ---------------------- | ----------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
| Risk Summary Dashboard | Data Transfer using Non-Corporate Websites | Detects files containing financial data uploaded to public or unapproved websites. |
| | Usage of AI Tools | Identifies when users paste or upload corporate financial data into AI tools like ChatGPT or Copilot. |
| Risks Dashboard | Uploads of Data to Non-Corporate Websites Summary | Tracks files uploaded to external websites, helping detect potential leaks of invoices, bank records, or financial reports. |
| | Email Attachments Summary | Monitors financial documents sent as attachments through corporate or personal emails. |
| | Keystrokes Summary | Detects sensitive financial details such as card numbers or account details typed into websites, apps, or chats. |
| | Storage Transfer Summary | Displays files containing financial data copied to USB drives or external storage devices. |
| General Dashboard | DLP Incidents | Lists all policy violations involving financial data, such as detected account numbers or invoices. |
| | DLP Incidents Over Time | Shows trends in financial-data policy violations over a selected time period. |
| SharePoint Dashboard | SharePoint External File Access Logs by File Name or by User Name | Tracks external access to SharePoint files that may include financial data. |
| | SharePoint File Download Logs by File Name | Displays which financial documents were downloaded and by whom. |
3. **Respond Quickly:**
1. Investigate flagged incidents, remove public links or recall emails if needed, Update rules or whitelist approved systems to minimise false positives.
How do I track clipboard copying?
Clipboard copying is currently not supported in GuardWare INSIGHT. INSIGHT does not capture or log text or file data copied to the clipboard. However, you can still detect similar data movement activities using other monitoring features:
* **Keystrokes Summary / Keystrokes (Risks Dashboard)**: Detects when users type or paste sensitive information into websites, chat tools, or applications.
* **Data Transfer using Non-Corporate Websites (Risk Summary Dashboard)**: Identifies files uploaded or transferred to public or unapproved websites after being copied locally.
* **Uploads of Data to Non-Corporate Websites Summary (Risks Dashboard)**: Tracks file uploads that could result from copy–paste actions.
* **Storage Transfer Summary**: Monitors when copied data is saved or transferred to USB drives or external storage.
How do I log and review violations?
GuardWare INSIGHT automatically logs all policy violations detected by the Data Loss Prevention (DLP) rules configured in the Management Console.
To review violations:
1. Go to the General Dashboard
1. Open the DLP Incidents or DLP Incidents Over Time widgets to view all detected violations.
2. Each record includes details such as the user name, rule violated, file or activity type, timestamp, and severity level.
2. Drill down for details
1. Click a specific violation in the DLP Incidents table to open its detailed view.
2. Review the file path, data type, and related actions (e.g., upload, print, email, or download).
3. Cross-check in the other dashboard.
1. Use the Risks Dashboard to identify how and where the violation occurred (e.g., via email, USB, or website).
2. Check the Risk Summary Dashboard for an overview of overall violation trends and severity distribution.
GuardWare INSIGHT does not save or keep a record of your sensitive files. It only keeps records of violations that a user has broken based on configured policies. These violations can be viewed through Audit Reports, which are generated automatically daily. However, if you wish to create incident reports on an ad-hoc basis, you can do so via Audit Reports.
How do I see a user’s web browsing history and time spent per site?
GuardWare INSIGHT logs all web browsing history and the time spent on each site for enrolled users.
To review:
1. Open the Management Console and go to **User Group**.
2. Select the group that contains the user whose web data you want to review.
3. In the right-hand panel, click **Productivity**, then select **Internet Usage**.
4. Click **Advanced Search** and specify the required date and time range.
5. In the **Username** field, enter the user’s ID and click **Search**.
6. Select **View by Website** to display the results. You will see all websites visited by the user, categorised as Productive, Unproductive, or Uncategorized, along with the time spent on each site.
How do we monitor chat apps and web apps (Slack, Teams, web WhatsApp)?
GuardWare INSIGHT logs all application usage history and the time spent on each application for enrolled users.
To review:
1. Open the Management Console and go to **User Group**.
2. Select the group that contains the user whose app usage data you want to review.
3. In the right-hand panel, click **Productivity**, then select **App Usage**.
4. Click **Advanced Search** and specify the required date and time range.
5. In the **Software Name** field, enter the name of the application and click **Search.**
6. Select either **View by User** or **View by Application:**
| **View by User** | **View by Application** |
| ----------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- |
| If you select **View by User**, you will get a list of users that have used the app in the configured time range. | If you selected **View by Application**, you will get a list of applications that match your search criteria. |
| Click **Total** to view the app usage of the selected user in more detail. | Click **Total Duration** to see the users who have opened or interacted with the application in the selected timeframe. |
| Click **View Chart** to look the app usage statistics (per-hour). | You can also see how long the user has interacted with the application in the **Total Duration** column. |
How do I automate remediation (move/delete) of sensitive files?
Guardware **INSIGHT is designed exclusively for monitoring and controlling user behavior**, including activities such as data access, file usage, uploads, and policy violations. Its capabilities focus on visibility, detection, logging, and blocking of user actions.
Automated remediation is an **exclusive capability of Guardware DISCOVER**. It supports remediation workflows that enable administrators to **move, delete, or notify the device/data owner** of sensitive files.
How to speed up INSIGHT client performance?
Client performance depends on how frequently the endpoint communicates with the server for commands, policies, and status updates. To improve client responsiveness, adjust the communication intervals between the client and server.
**Steps:**
1. Log in to the INSIGHT Management Console.
2. Navigate to **PC Group**.
3. Right-click the required PC.
4. Click **Client Server Communication**.
**Recommended configuration**
* **Client Server Interval**: Reduce this value to allow the client to check for commands more frequently.
* **Settings Interval**: Reduce this value so policy and DLP rule changes are applied faster.
* **Client Status Interval**: Reduce this value to receive more frequent updates on PC status (online/offline).
Lowering these intervals ensures faster communication and quicker application of changes.
How to speed up reporting performance?
Reporting performance depends on how efficiently the client collects and uploads data to the server. To speed up report generation and upload, adjust the report settings.
**Steps:**
1. Log in to the INSIGHT Management Console.
2. Navigate to **PC Group**.
3. Right-click the required PC.
4. Click **Report Settings**.
**Recommended configuration**
* **Report Packet Size**: Increase this value to send more data in a single upload.
* **Report Interval**: Reduce this value so the client checks more frequently for reports to upload.
* **Bulk Report Time**: Reduce this value to trigger more frequent report uploads.
These changes help reduce delays in report availability.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.guardware.com/insight/guardware-insight/frequently-asked-questions/insight-faqs.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.