Upon configuration of the AlienApp for SpyCloud Dark Web Monitoring, the AlienApp for SpyCloud Dark Web Monitoring scheduled job collects new records every 24 hours for all validated watchlist items. The AlienApp for SpyCloud Dark Web Monitoring also supports a manual action that you can use to collect all historical records for your watchlist items.
Important: If you run this action after the automated collection job has already collected SpyCloud database records or if you have run this action before, it will result in duplicate events and alarms within USM Anywhere.
To collect the historical breach records
- In USM Anywhere, go to Data Sources > Integrations.
Click the AlienApps tab.
On the AlienApps page, click the Dark Web Monitoring tile.
- If needed, select the Sensor where the AlienApp is enabled and configured.
- Click the Actions tab.
Click Run to execute the action.
In the Select Action dialog box, click Run.