Does Cisco Cloudlock Activity Appear as User Downloads?

Cisco Cloudlock scans may appear as User Download activity per Google reporting.

Cisco Cloudlock's scans of a customer environment are seen as “User Downloads”, as Cisco Cloudlock utilizes user impersonation logins to access and scan queued files. The files are not actually stored by Cisco Cloudlock, only access content and metadata needed for Incident creation (owner, ACL, activity history, match excerpts, etc.) will be retained in any capacity. This download scan action does not appear in the Activity feed, as Cisco Cloudlock filters this information out by recognizing its own source IP.

However, sometimes Google does not properly report the activity and does not provide the source IP address. When this happens, Cisco Cloudlock cannot recognize and filter out its own activity, and it will show within the customer's activity feed as a User Download.