Data Loss Prevention 1

Vendor Documentation

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Data Loss Prevention | Base Rule | Data Loss Prevention Activity | Activity |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| TS | N/A | N/A | N/A |
| SESSID | `<session>` | Text/String | Session information |
| COMMAND | `<command>` | Text/String | Command name |
| USERTYPE | N/A | N/A | Type of user |
| USERKEY | N/A | N/A | User key information, hexadecimal value |
| WORKLOAD | `<process>`, `<vendorinfo>` | Text/String | Audit log record type |
| RESULTCODE | `<result>` | Text/String | Results |
| OBJECT | `<object>` | Text/String | Object name |
| USER | `<login>` | Text/String | Source user name |
| SIP | `<sip>` | IP Address | Source IP address |
| SharePointMetadata.From | `<sender>` | Text/String | N/A |
| SharePointMetadata.ItemCreationTime | N/A | N/A | N/A |
| SharePointMetadata.SiteCollectionUrl | N/A | N/A | N/A |
| SharePointMetadata.FileName | `<object>` | Text/String | N/A |
| SharePointMetadata.FileOwner | N/A | N/A | N/A |
| SharePointMetadata.FilePathUrl | N/A | N/A | N/A |
| SharePointMetadata.DocumentLastModifier | N/A | N/A | N/A |
| SharePointMetadata.DocumentSharer | N/A | N/A | N/A |
| ExchangeMetadata.MessageID | N/A | N/A | N/A |
| ExchangeMetadata.From | `<sender>` | Text/String | N/A |
| ExchangeMetadata.To | `<recipient>` | Text/String | N/A |
| ExchangeMetadata.CC | N/A | N/A | N/A |
| ExchangeMetadata.BCC | N/A | N/A | N/A |
| ExchangeMetadata.Subject | `<subject>` | Text/String | N/A |
| ExchangeMetadata.Sent | N/A | N/A | N/A |
| SensitiveInfoDetectionIsIncluded | N/A | N/A | N/A |
| ExceptionInfo.Reason | N/A | N/A | N/A |
| ExceptionInfo.Justification | N/A | N/A | N/A |
| ExceptionInfo.FalsePositive | N/A | N/A | N/A |
| PolicyDetails | N/A | N/A | N/A |
| PolicyName | `<policy>` | Text/String | N/A |
| Rules.RuleName | `<objectname>` | Text/String | N/A |
| Rules.Actions | N/A | N/A | N/A |
| Rules.Severity | `<severity>` | Text/String | N/A |
| Rules.RuleName | N/A | N/A | N/A |
| Rules.ConditionsMatched.SensitiveInformation.Confidence | N/A | N/A | N/A |
| Rules.ConditionsMatched.SensitiveInformation.Count | N/A | N/A | N/A |
| Rules.ConditionsMatched.SensitiveInformation.DocumentProperties | N/A | N/A | N/A |
| Rules.ConditionsMatched.SensitiveInformation.OtherConditions | N/A | N/A | N/A |
| AccessScope | N/A | N/A | N/A |