Views:

Provides specific information about incidents detected by Data Loss Prevention

Table 1. DLP Incident Information

Data

Description

Received

The date and time Apex Central received the data from the managed product

Generated

The date and time the managed product generated the data

Incident ID

The identifier of the incident

Severity

The severity level of the event

Status

The detection status of the incident

Manager

The name of the manager of the department

Department

The name of the department

Policy

The policy that triggered the detection

Product Entity/Endpoint

The name of the endpoint

Product

The name of the managed product or service

Example: Apex One, ScanMail for Microsoft Exchange

Product/Endpoint IP

Depending on the related source:

  • The IP address of the managed product server

  • The IP address of the endpoint

Product/Endpoint MAC

Depending on the related source:

  • The MAC address of the managed product server

  • The MAC address of the Security Agent endpoint

Managing Server

The display name of the managed product server in Apex Central to which the endpoint reports

Endpoint

The IP address or host name of a computer with an agent (for example, Apex One agent) installed

Incident Source (AD Display Name)

The Active Directory display name of the incident source

Incident Source (AD Account)

The Active Directory account name of the incident source

Incident Source (Sender)

The source email address

Website

The URL of the website that triggered the incident

Recipient

The destination email address

Subject

The subject of the email message

File Location

The location and the name of the file

File

The name of the file from which the incident was triggered

File/Data Size

The size of the file or data that triggered the incident

Rule

The name of the rule triggered by the incident

Template

The name of the template in which a template match was triggered

Channel

The entity through which a digital asset was transmitted

Destination

The destination of the transmission

Action

The action taken by the managed product

Incidents

The number of incidents

Cloud Service Vendor

The name of the cloud service vendor