## Storage monitoring SharePoint integration The Glasswall Halo storage monitoring service supports integration with SharePoint document libraries, allowing [supported file types](/halo/glasswall-halo-supported-file-types) to be sanitized automatically when uploaded to a monitored library. --- ## Monitoring a SharePoint document library To configure monitoring, users must supply: - The **Site ID** - The **Drive ID** (i.e. the document library ID) These details can be retrieved using endpoints provided by the Halo Storage Monitoring API. For more information, refer to [Storage Monitoring API](https://api.docs.glasswall.com/storage-monitoring-V1). Each monitor can optionally be configured with: - A **custom policy** If no custom configuration is provided, the monitor will use the default policy. Monitors can be updated or removed at any time to adjust policies. **Note:** policies used by monitors are locked and cannot be deleted until they are unlinked. To unlock a policy, reassign affected monitors to a different policy or delete the monitors. Once a monitor is active, it automatically performs the following for each supported file uploaded to the monitored document library: 1. Checks the file out 2. Downloads the file 3. Applies sanitization 4. Re-uploads the clean file 5. Checks the file back in If Halo cannot process an uploaded file, the original file remains unchanged. **Note:** SharePoint maintains version history for all files, enabling users to view or restore earlier versions — including the original (pre-sanitized) upload. --- ## SharePoint metadata considerations When files, particularly OOXML documents, are uploaded to SharePoint, SharePoint may append a metadata package to the file. This is influenced by the document library and content type configuration. **Important:** this added metadata may cause sanitized files to appear “risky” if downloaded again and re-analyzed. The metadata package may include: - Tag fields, OCR text, media dates, structured search properties - SharePoint form templates for user interaction - Structures supporting taxonomy and enterprise metadata - InfoPath and Office integration components Depending on your organization’s SharePoint setup, **sensitive metadata** might also be included, such as: - Internal content type structures - Custom fields or taxonomies - User-specific metadata (e.g.,`dc:creator`,`lastModifiedBy`, Workflow IDs) - `GUIDs`Or`itemIDs`Which, while not inherently dangerous, may expose internal system patterns useful to attackers.