# Managing DSPM data analysis {% note info %} The data analysis feature is currently in [Preview](../../../overview/concepts/launch-stages.md) and provided free of charge. Upon General Availability, data analysis will be billed independently of data source [scans](../../concepts/dspm.md#scanning). {% endnote %} [Data analysis](../../concepts/dspm.md#discovery-mode) is the first stage of DSPM [Data management](../../concepts/dspm.md). It is intended to automatically detect, identify, and catalog resources that may contain sensitive data within a selected [environment](../../concepts/workspace.md). You can [save](#save-results) the data analysis results to a local file or to a Yandex Object Storage [bucket](../../../storage/concepts/bucket.md). ## Getting started {#before-begin} Before you start using the DSPM module, set up your [workspace](../../concepts/workspace.md) and specify the default folder to store [Data Security Posture Management](../../concepts/dspm.md) (DSPM) data: {% list tabs group=instructions %} - Security Deck UI {#console} 1. Go to [Yandex Security Deck](https://center.yandex.cloud/security/). 1. In the left-hand panel, select ![database-magnifier](../../../_assets/console-icons/database-magnifier.svg) **DSPM**. 1. If the Security Deck settings window opens, this means the DSPM data storage folder has not been configured. Under **Choose your default folder**, select a folder to store the module data by default and click **Save** at the bottom of the page. 1. If the **DSPM** UI opens, this means the module's data storage folder has already been configured, so you can continue working. You can change the **DSPM** data storage folder path. To do this, navigate to the **Settings** tab. Under **Default storage**, select another folder. 1. Activate DSPM in the current workspace. To do this, click ![wrench](../../../_assets/console-icons/wrench.svg) **Configure DSPM** at the top right. In the window that opens, navigate to the **Control modules** tab. Under **Control modules**, select the **Data Security Posture Management (DSPM) ** module and click **Save**. If you have no workspaces yet, [create](../workspaces/create.md) one and activate the **Data Security Posture Management (DSPM) ** when creating the workspace. {% endlist %} ## Viewing analysis results {#view-results} The summary for preliminary analysis of resources in the environment is available in the **Data analytics** section of the DSPM module. To see it, do the following: {% list tabs group=instructions %} - Security Deck UI {#console} 1. Go to [Yandex Security Deck](https://center.yandex.cloud/security/). 1. In the left-hand panel, select ![Database-Magnifier](../../../_assets/console-icons/database-magnifier.svg) **DSPM** and go to the **Data analytics** tab. The page displays information about the number and total size of files found in the environment's resources that may potentially contain sensitive data: * A list of clouds, folders, and buckets that host objects potentially containing sensitive information. The number of files found and their total size are indicated for each cloud, folder, and bucket. * Infographics showing the number of files found by type and their size as a percentage. Click **More details** to expand the diagram and show more detailed information. 1. If required, use filters to get specific information about resources and the types of files found in them: * Optionally, under **Resource**, select the resources you want analyzed. If needed, use the **Search by resource name** filter to view resources by cloud, folder, or bucket name. * Optionally, under **Buckets**, select **Public** for the analysis to only display information about objects located in buckets with [public access](../../../storage/concepts/bucket.md#bucket-access). * Optionally, under **Formats**, select the [MIME types](https://en.wikipedia.org/wiki/Media_type) of files you want analyzed: * `Scannable`: Files of all supported MIME types. * `Office documents`: Text files of MIME types such as `Text files`, `text/plain`, etc. * `Office documents`: Document, table, and presentation files of MIME types such as `application/msword`, `application/vnd.ms-excel`, etc. * `PDF documents`: Document files of MIME type `application/pdf`. * `Images`: Image files of MIME types such as `image/bmp`, `image/gif`, etc. * `Email and messages`: Message files of MIME type `message/rfc822`. * `Specialized formats`: Files in specialized formats such as `application/x-x509-cert; format=pem`, etc. To reset the applied filters, click ![arrow-rotate-left](../../../_assets/console-icons/arrow-rotate-left.svg) **Reset**. {% endlist %} ## Saving analysis results {#save-results} To save a summary for preliminary analysis of environment resources to a file or bucket: {% list tabs group=instructions %} - Security Deck UI {#console} 1. Go to [Yandex Security Deck](https://center.yandex.cloud/security/). 1. In the left-hand panel, select ![Database-Magnifier](../../../_assets/console-icons/database-magnifier.svg) **DSPM** and go to the **Data analytics** tab. 1. Click ![arrow-down-to-line](../../../_assets/console-icons/arrow-down-to-line.svg) **Export** and select: * ![arrow-down-to-line](../../../_assets/console-icons/arrow-down-to-line.svg) **Download results by file** to save the analysis results to a local file. In the window that opens, click **Download**. {% note info %} You can save no more than 10,000 log lines to a local file. To export a larger number of lines, export the analysis results to a bucket. {% endnote %} * ![folder-arrow-up-in](../../../_assets/console-icons/folder-arrow-up-in.svg) **Export results to bucket** to save the analysis results to an Object Storage bucket. In the window that opens: * In the **Bucket** field, select the bucket to save the results to. * In the **Path to bucket** field, set the [prefix](../../../storage/concepts/object.md#folder) of the object to save the results to. * In the **File name** field, specify the name of the file to save the results to. The file will automatically get the `.csv` extension. * In the **Service account** field, select the service account on whose behalf export will be done. You must have the right to use the selected service account, i.e., the `iam.serviceAccounts.user` [role](../../../iam/security/index.md#iam-serviceAccounts-user) or higher, and the service account must have the following roles: * [`storage.uploader`](../../../storage/security/index.md#storage-uploader) for the selected bucket. * [`kms.keys.encrypter`](../../../kms/security/index.md#kms-keys-encrypter) for the [encryption key](../../../kms/concepts/key.md) if the bucket is [encrypted](../../../storage/concepts/encryption.md). * Click **Export** to export the analysis results to the bucket. If the selected service account does not have enough permissions for the operation, the information about this will be displayed on the **Parameter validation** tab. Expand the section with information about missing roles, select the service account, and click ![list-check](../../../_assets/console-icons/list-check.svg) **Assign roles** to grant the lacking permissions to this service account. Then click **Export** again. {% endlist %} #### See also {#see-also} * [Data Security Posture Management (DSPM)](../../concepts/dspm.md) * [Security Deck workspaces](../../concepts/workspace.md) * [Creating a DSPM data source](create-data-source.md) * [Creating a DSPM scan](create-scan.md)