DLP Incident Information

This data view provides information about Data Loss Prevention (DLP) incidents.

Table 1. DLP Incident Information

Data

Description

Received

Displays the time when Control Manager received the log

Generated

Displays the time when the log data was generated in the managed product

Incident ID

Displays the identifier of the incident

Severity

Displays the severity level of the incident

Status

Displays the detection status of the incident

Manager

Displays the name of the manager of the department

Department

Displays the name of the department

Policy

Displays the policy that was violated

Product Entity/Endpoint

This data column displays one of the following:

  • The entity display name for a managed product. Control Manager identifies managed products using the managed product's entity display name

  • The IP address or host name of a computer with an agent (for example, OfficeScan agent) installed

Product

Displays the name of the managed product. Example: OfficeScan, ScanMail for Microsoft Exchange

Product/Endpoint IP

This data column displays one of the following:

  • The IP address of the server on which the managed product installs

  • The IP address of a computer with an agent (for example OfficeScan agent) installed

Product/Endpoint MAC

This data column displays one of the following:

  • The MAC address of the server on which the managed product installs

  • The MAC address of a computer with an agent (for example OfficeScan agent) installed

Managing Server

Displays the entity display name for a managed product to which an endpoint is registered. Control Manager identifies managed products using the managed product's entity display name

Endpoint

Displays the IP address or host name of a computer with an agent (for example OfficeScan agent) installed

Incident Source (AD Display Name)

Displays the Active Directory display name of the incident source

Incident Source (AD Account)

Displays the Active Directory account name of the incident source

Incident Source (Sender)

Displays the source email address

Website

Displays the URL of the website that triggered the incident

Recipient

Displays the destination email address

Subject

Displays the subject of the email message

File Location

Displays the location and the name of the file

File

Displays the name of the file from which the incident was triggered

File/Data Size

Displays the size of the file or data that triggered the incident

Rule

Displays the name of the rule triggered by the incident

Template

Displays the name of the template in which a template match was triggered

Channel

Displays the entity through which a digital asset was transmitted

Destination

Displays the destination

Action

Displays the action taken on the incident

Incidents

Displays the number of incidents

Cloud Service Vendor

Displays the name of the cloud service vendor