Guides
Secure Access Help Center

Data Loss Prevention Report

View data violations that were detected based on SaaS API rules.

Note: Administrators with de-identification enabled will continue to see identifiable information in the report.

Prerequisites

  • A minimum user role of Read-only. For more information, see Manage Accounts.

Events tab

  1. Navigate to Monitor > Reports > Data Loss Prevention.
  2. In the Last 30 Days menu, select a time frame.
  1. In the Filters pane, make your selections:
  • Action – The action the system has applied to the content: deleted, monitored, quarantined, restored from quarantine, revoked access.
  • Severity – The severity of the rule that triggered the event.
  • Application – Application for which the DLP rule is applied.
  • Exposure – Exposure of the content scanned.
1262
  1. Click the gear icon to customize and sort the columns.
    • Severity–The severity of the rule that triggered the event.
    • Identity–The identity that made the request.
    • File Owner–The identity that made the request.
    • Event Actor – The name of the file where a classification match was found. When content is found in a message or a post, the File name displays Content.
    • Destination –The destination where the content was scanned.
    • Rule–The rule that triggered the event.
    • Action– Action triggered by the rule on detecting a violation.
    • Detected –The date and time of detection.
1772
  1. Click the ellipsis to view further details of an event.

View Details

  1. In an event row, click View details.
1888
  1. The Event Details window includes:
    • Application–The application where the file was uploaded or posted.
    • Destination URL–The URL of the destination for the event.
    • Rule Triggered–The rule that triggered the event.
    • Classification–The classification that matched the content found in the event. Click the caret to display the excerpts where the matches were found.
    • SHA256 Hash–The unique SHA256 hash for the file.
984

Discovery tab

  1. Use Filters to filter the data by Application , Last Modified, and Exposure.
360
  1. Choose a Scan from the drop-down.
  2. Click Apply to view the details.
    Note: Up to 10 recent scans display. The next triggered Discovery Scan removes the oldest scan results in the list.
1736
  1. If there is an ongoing scan, the results display.
2064
  1. Click the ellipsis to view details of a file.
1122

Cloud Malware Report < Data Loss Prevention Report > Admin Audit Log Report

Updated 7 months ago