When using CloudSOC (CASB) Securlets, there is a long delay between the event and when it shows in CloudSOC.

CloudSOC CASB Securlet for SaaS and IaaS. The average latency to process an event and associated data within the
CloudSOC CASB monitored SaaS or IaaS application usually takes no more than six (6) hours after the occurrence of that event.

Average latency is determined by the monthly average among samples taken by Broadcom SED in a given month. Initial processing of
events and associated data triggered by the activation or re‐activation of a Securlet, rescanning and addition or migration of
new users and their data to the application, is excluded from average latency calculations.

Latency introduced by the SaaS or IaaS application, either due to delayed availability of events and associated data from their API or due to throttling of API
calls made by CloudSOC , or in any way attributable to third party SaaS or IaaS providers, is excluded from average latency
calculations.

DLP Cloud SaaS Listing

Specifically - See page 10 of 11