search cancel

How to configure a DLP Discover Scan to return a list of PST files on a target


Article ID: 163666


Updated On:


Data Loss Prevention Network Discover


It is desired for DLP Network Discover to return a list of incidents that, in effect, create a list of PST files found on a Discover Target.


This functionality is not germane to the use-case for DLP, but it is possible to do.


The configuration for this to work is very specific:


Message Attachment or File Type Match - Microsoft Outlook (MSG, PST)


Message Attachment or File Name Match - *.pst

The Discover server MUST have Outlook installed.

The Discover scan must NOT have "Scan PST Files" selected.

This is the only configuration that will return a list of PST files.

As an alternative, you can leverage the dir command from an Admin cmd prompt, with the content root as the current directory on the cmd prompt:

dir /b /s *.pst >list.txt

This will return a text file called list.txt in the current directory of all the files ending with .pst.