Working with the Location details page
NAVIGATION Organizations > select an organization > select a location
SECURITY Datto EDR subscription with administrator or analyst-level platform access or Datto AV subscription with administrator or analyst-level platform access
BEFORE YOU BEGIN The type of subscription you have may define the features available to you on this page. For a comprehensive overview of features available to Datto EDR and Datto AV customers, refer to Datto EDR and Datto AV access control.
The Location details page enumerates all of the devices assigned to a specific location, their details, and the open alerts for each.
This article describes the page's layout and functions.
Overview
-
In the top navigation menu of your instance, click Organizations.
-
The All Organizations page will load. Click the name of the client organization you'd like to view.
-
The Organization details page opens.
-
Select a location by clicking its name.
-
The Location details page opens.
-
As you navigate, you'll see the following features and fields:
Organizations, locations, and devices with an icon preceding their name are synced from Datto RMM. Entities with an icon preceding their name are synced from VSA 10. Special conditions apply to these entries. Learn more in our Understanding the Datto EDR + Datto RMM integration and Configuring the VSA 10 integration articles.
Feature | Definition |
Download Agent |
Invokes a download menu containing the agent installers associated with the location; also provides a mechanism to copy the terminal commands and download link for use in advanced deployment scenarios |
Move |
Enables you to move the current location to a different organization NOTE Locations synced from Datto RMM cannot be moved, renamed, or deleted from Datto EDR. |
Actions menu; provides options to edit or delete the location, schedule a scan, enable or disable monitoring, or upload a survey file |
Click any organization name or device count to open a pivot report filtered to the selected item.
The Assigned Policies table enables you to manage the location's assigned Ransomware Detection and Windows Defender policies. Learn more in Policy List.
Field or feature name | Definition |
Assign Policy |
Click to assign a policy to the organization or location |
Name |
The name of the policy |
Description |
The extended description of the policy's purpose, functions, and any other pertinent information |
The type of policy |
|
Assigned To |
Indicates whether the policy has been applied at the organization or location level |
Assigned On |
The date and time at which the policy was assigned to the organization or location |
Updated On |
The most recent date and time at which the policy was updated |
Status |
Indicates whether the policy is enabled or disabled |
Actions menu; enables you to enable, disable, or unassign the policy |
Click any device name to open a pivot report filtered to the selected item.
Devices with an icon preceding their name are synced from Datto RMM. Learn more in our Understanding the Datto EDR + Datto RMM integration article.
Column header | Definition |
Search |
Enter a partial or whole value to filter current view to matching records |
Devices |
Count of the total devices in the current filter view |
Scan |
Runs an on-demand threat scan of all monitored hosts; to learn more, review our Performing a manual scan article IMPORTANT This button will be unavailable if no devices are active. |
Device |
User-friendly name assigned to the endpoint in Datto EDR |
Version |
The version of the Datto Endpoint Security agent installed on the endpoint |
Host name & IP |
Host name and IP address of the endpoint |
OS |
Operating system installed on the endpoint |
Last Seen | Last date and time that the EDR platform received telemetry from the host |
Status | Details whether the device is currently monitored by Datto EDR or Datto AV |
Alerts |
The number of unacknowledged alerts open for the device |
Actions menu; enables you to move, rename, or delete the selected device NOTE Devices synced from Datto RMM cannot be moved, renamed, or deleted from Datto EDR. |
Datto EDR customers have access to live forensics and continuous host monitoring built into a single cloud-based platform. Our ASSESS, MONITOR, and RESPOND methodologies enable quick identification of and response to Advanced Persistent Threats (APTs), ransomware, and other malware (file-based or fileless) in your environment, regardless of the locality (including remote or distributed networks).
We refer to this comprehensive solution as Real-Time Security (RTS).
Enabling Real-Time Security
Datto EDR subscribers can enable Real-Time Security on one or all of their devices. All endpoints that you intend to monitor in this manner must reside in "Monitored" locations in EDR. As a result, you may need to relocate some devices to other locations if they are not all to be monitored with RTS. For more information, refer to Creating and managing organizations, locations, and devices.
Due to the enhanced capabilities of RTS, and more efficient use of the asset's resources, you do not need to schedule regular scans. However, if you wish, you can still do so.
To enable Real-Time Security, perform the following steps:
-
In the top navigation menu of your instance, click Organizations.
-
The All Organizations page will load. Click the name of the client organization you'd like to view.
-
The Organization details page opens.
-
Select a location by clicking its name.
-
The Location details page opens.
-
At the top of the page, click the icon.
-
Select Monitor from the menu that opens.
-
Select any extensions you would like to have running on the monitored endpoints, and note the scheduled time that the daily analysis will take place independent of RTS monitoring.
-
Click Enable Monitoring.
-
The Datto Endpoint Security agent will deploy to all endpoints in the location. The following conditions will apply to monitored devices:
-
Any processes started will be stored and uploaded every 15 minutes, including any embedded shell scripts.
-
A daily differential forensic analysis will upload modules, autostarts, and other artifacts not found within the last 30 days. You can customize the time of the daily analysis at > Admin > Settings > Location Monitoring.
-
For more information about how RTS interacts with your devices, review our How does RTS impact the overall performance and usage of the agent? and What impact will it have on processor, memory, or network utilization? topics.
Additional Resources
The following articles describe workflows that are available from this page: