Storage Monitoring OneDrive Integration
The Glasswall Halo Storage Monitoring Service integrates seamlessly with OneDrive user drives, automatically sanitizing supported file types as they are uploaded to monitored drives.
Prerequisites
Before configuring OneDrive monitoring, ensure the following:
- The Storage Monitoring service is deployed and running
- An application is registered in Microsoft Entra ID with the appropriate permissions
- The applicationโs client ID, tenant ID, and client secret are stored in Azure Key Vault
- You have access to the Halo Storage Monitoring API
For guidance, refer to the Halo Storage Monitoring setup guide.
Monitoring a User's Drive
To set up monitoring, youโll need:
- User ID of the OneDrive owner
You can retrieve the User ID using an endpoint provided by the Halo Storage Monitoring API. See the Storage Monitoring API documentation for details.
Optional Configuration
You can optionally customize each monitor with:
- A custom policy
- A failure-handling strategy:
- Replace failed files with a failure report
- Leave the original file in place (not recommended for sensitive environments)
If no custom settings are applied, the default policy is used, and failed files are left in place.
Monitors can be updated or removed at any time to change policies or handling behavior.
Important: Policies linked to active monitors are locked and cannot be deleted. To remove a policy, first reassign or delete any associated monitors.
How Monitoring Works
Once activated, the monitor automatically performs the following for each supported file uploaded to the monitored drive:
- Checks out the file
- Downloads the file
- Applies sanitization
- Re-uploads the cleaned file
- Checks the file back in
Note: OneDrive retains version history for all files, allowing users to view, download, or restore earlier versions โ including the original, pre-sanitized file.