> ## Documentation Index
> Fetch the complete documentation index at: https://hc.saas-manager.biz.nuro.jp/llms.txt
> Use this file to discover all available pages before exploring further.

# 2-0. Distribute the Browser Extension to Detect Shadow IT and Retrieve Service Activity

> How to distribute and install the browser extension.

## What the browser extension does

Installing the browser extension lets you retrieve the last-used date for services that do not expose it through an API.

This enables broader detection of inactive accounts than was previously possible.

The extension can detect SaaS applications registered in the database (currently over 190,000 SaaS tools) as shadow IT.

In addition to detection via Google login, services detected by the extension appear under the **Shadow IT** tab in Integrations. The **Shadow IT** tab shows unconnected SaaS tools among the [Supported integrations and feature matrix](/en/integrations/ey32ki15er-function).

For services not supported by integrations, check detections under Integrations > [Event Log](/en/it-management/shadow-it/oepl0j5y5g-eventlog).

## Supported environments

The values in parentheses indicate supported setup methods.

|         | Edge                          | Chrome                            | Safari        |
| ------- | ----------------------------- | --------------------------------- | ------------- |
| Windows | Supported(MDM/GPO/standalone) | Supported(MDM/GPO/standalone/GWS) | Not supported |
| Mac     | Supported(MDM)                | Supported(MDM/GWS)                | Not supported |

If your environment routes internet traffic through a proxy, the extension automatically uses that proxy as long as it is configured at the browser or OS level. No additional configuration is needed. You cannot specify a proxy that is separate from the OS or browser proxy settings.

## Distribution and setup methods

| Distribution method                              | Details                                                                                                                    |
| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------- |
| MDM-based distribution                           | Remote script deployment<br />Remote configuration of registry keys (Windows) / plist (Mac)<br />Extension control via MDM |
| GPO-based distribution via on-premises AD server | [Distributing registry keys via GPO](/en/it-management/shadow-it/qegqblx598-windows-gpo)                                   |
| Single PC setup                                  | Manual distribution of registry keys / plist                                                                               |
| Distribution from Google Workspace Admin Console | Chrome and Google Workspace users only                                                                                     |

## Three steps for rolling out to your organization

1. Verify functionality with the implementation team and review collected data.

   Read through the guide to understand setup procedures, system changes, and network routing. Then complete the actual setup and confirm what data the extension detects.
2. Trial your planned distribution method with a small group.

   Before building out automated distribution, run a pilot with a few users to confirm the mechanism works. Verify it integrates with your onboarding and offboarding workflow.
3. Distribute to all new and existing employees.

   Roll out to the full organization and confirm that collected data increases as expected.

After deployment, use the data to review your shadow IT landscape and monitor SaaS usage across your organization.

## Setup guides

See the following guides. For MDM-based distribution, refer to the guide for your specific MDM product.

|                                                                                                                                                   |                                                                                                                              |
| ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- |
| [Browser extension setup guide (Windows)](/en/it-management/shadow-it/a496chhkbm-2-7-windows-bat)                                                 | [Distributing the Chrome extension via Google Workspace Admin Console](/en/it-management/shadow-it/bbb2v722bm-extension-bdv) |
| [Distributing and configuring the Chrome extension on Mac using configuration profiles and MDM](/en/it-management/shadow-it/udu2t8mwne-mac-plist) | [Browser extension setup guide (Windows GPO)](/en/it-management/shadow-it/qegqblx598-windows-gpo)                            |

## FAQ

### Q. What data does the extension collect?

A. The extension inspects the URLs and domains of pages accessed in Chrome or Edge. This includes the browser's access history at the time of installation. The event log records the following information.

For details on the event log, see [Event Log: Monitor SaaS usage](/en/it-management/shadow-it/oepl0j5y5g-eventlog).

### Q. Can I view application usage history?

A. No. The extension only collects browser-based access. Native application usage is not captured.

### Q. What does "occurrence time" in the event log refer to? Why does it differ from the actual access time?

A. The "occurrence time" shown in the event log is the time the user ended their session. The extension batches data and sends it to the server once every 30 minutes, so there can be a gap of 20 to 30 minutes between the actual start of access and the recorded time. The last timestamp within that batch (the session end time) is what gets sent and recorded.

### Q. Does the extension update the last-used date obtained from the API?

A. No. The extension does not update the last-used date for SaaS tools that are retrieved directly through an API.

### Q. How long are event logs retained?

A. Event logs are retained and viewable for one year. The default date range filter is set to one month.

### Q. Can the extension detect custom apps such as internal systems?

A. After creating a [custom app](/en/it-management/saas-management/jbzpcipgo5-custome-app), [register a URL for the custom app](/en/it-management/saas-management/jbzpcipgo5-custome-app#faq) to enable detection.

### Q. Does the extension require proxy configuration at the OS level?

A. If your environment routes internet traffic through a proxy, the extension automatically uses that proxy as long as it is configured at the browser or OS level. No additional configuration is needed. You cannot specify a proxy that is separate from the OS or browser proxy settings.

### Q. The extension has been distributed but no events appear in the event log. What should I check?

A. If events are not appearing, follow the steps in [Retrieve Diag data](/en/it-management/shadow-it/344geptwee-diag) to collect Diag data. Then review the collected data using the steps in [How to review Diag data](/en/it-management/shadow-it/344geptwee-diag). If steps ① through ⑤ do not resolve the issue, include the collected Diag data and contact support through the [support inquiry page](/en/it-management/changelog/3e6sz4xzsx-support).
