Problem 

You need to locate shared files using the Anyone with the Link file share option. In this example, we'll use a view on the Security Dashboard to jump to the Investigation tool, auto-populating a draft investigation for these files.

Steps

1. Open the Security center dashboard.
   Security > Security center > Dashboard
2. On the What does external file sharing look like for the domain card, click View Report.
   
3. Deselect all events except for Anyone with link. Click on each event type to deselect it.
   
4. Scroll down to see those files shared with anyone via a link.
5. To go to the Investigation tool, click New Investigation for one of the files in the list. This is the magnifying button located at the right of each row. 
   
   The Investigation tool opens and populates a draft investigation for the single file selected.
   
6. Select the checkbox for one or more events to take action.
7. Click Actions at the top of the grid.
8. Select the appropriate action: Add users, Audit file permissions, Change owner, Disable download print Copy, Remove users. 
   
9. If you are happy with the investigation you built and want to retain it, click Save Investigation, located on the right.

Note: You cannot view the file contents using the Investigation tool. You need to add yourself to the file using the Add users action. Once added, if the owner is in the file, they will see you in the file. Consider removing the owner and then adding yourself. You can always add the user again if needed.
 

See our full list of Investigation tool recipes.