When deleting a policy, it is possible that some other policies (whether active or inactive) will have their associated severity rules incorrectly deleted as a side effect.
This error is seen in Tomcat if JDBC logging is set to FINE:
File: Enforce/logs/tomcat/localhost.2019-08-01.log Date: 8/1/2019 4:17:58 PM Thread: 5531 Level: SEVERE Source: com.vontu.manager Message: [/IncidentReport] Cause: java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 at java.util.ArrayList.rangeCheck(ArrayList.java:653) at java.util.ArrayList.get(ArrayList.java:429) at com.vontu.condition.Operand.getValue(Operand.java:149) at com.vontu.condition.sql.WildCardIgnoreCasePredicate.generate(WildCardIgnoreCasePredicate.java:54) at com.vontu.condition.sql.PredicateHelper.generate(PredicateHelper.java:41) at com.vontu.condition.sql.SQLGenerator.generatePredicate(SQLGenerator.java:461) ...
There is policy metadata which contains the wildcard string for the policyID. This has the potential to select records belonging to other policies whose ID starts with the same digits. Ex: if you delete policy ID 123, all newer policies whose ID starts with 123 (such as 1235, 12374...) will be affected.
This is fixed in DLP 15.7 and later versions, please upgrade to the latest DLP version.
Note - no workaround exists, except to not delete a policy until verifying that NO other policies exist on the system whose IDs begin with the same digits as the policy ID that you want to delete. If necessary to remove a policy with other policies meeting the conditions for this issue, you will need to recreate the missing severity rules for the affected policies on your system. See Article Id: 160638 - Event Code 1803 Policy has no associated severity