A specific Securlet is not triggering incidents from a DLP policy.

Follow these steps to troubleshoot this issue.

• Check that Securlet generates normal "Supported Activities" shown in Tech Doc  in CloudSOC Investigate (Eg. login, logout, upload, download)
• If No Events at all are generated within approximately 6 to 24 hours - troubleshoot the CloudSOC Securlet.
• If Yes Events are seen - Create a very simple DLP Enforce policy to trigger a keyword match.
• Re-sync the Securlet by following these steps.
  
  • Rebuild the "CloudSOC Securlet" application detection scan filter
  • Recycle the Monitor Controller
  • Give the re-sync about 12 hours to run
• After time for re-sync, attempt to trigger the simple keyword policy

The re-sync should solve the problem. If it does not log a case with DLP Enforce to troubleshoot DLP CDS Cloud connector issues.