There are a variety of scans available for sensitive data, the following guide will explain each scan type and how you can set these up for your Confluence.

To reach the Scan Options page please do the following:

:Cog: Settings > Compliance Configuration > Detection > Scan Options

This page allows you to do three important actions: view scan status, change scan options and perform manual scans.

View Scan Status

The progress bar will show whether all the pages in scope (which you set prior) have been scanned. If the progress is not 100%, this means there are pages that you have required to be scanned but have not been scanned. Depending on the scan options you've picked, this is not necessarily something you need to take action for. This is explained further in the next section.

Change Scan Options

This allows you to choose whether the scan takes place in real time (as the pages are created/updated) or on a scheduled basis.

When a scheduled scan is selected, you're required to choose an acting user. Scanning requires pages to be retrieved which may have different permissions, hence Atlassian requires it to be run as a particular user. This means the pages that are scanned will be ones that this user has permission to access. 

You can select one (or both) of these options, and please ensure to click "Save" afterwards. Selecting both adds an extra layer of security in that any pages that might have been missed by the real time scan will be picked up by the scheduled scan.

Perform Manual Scans

This allows you to run a scan manually.

Primarily these will be used when you have just set up Compliance for Confluence or when you've just updated to the version that has the Sensitive Data Analysis feature. If you believe that there are Confluence pages in scope that have not been scanned can use this feature to get up-to-date.