Best practice on configuring DLP to trigger incidents for documents with Azure Information Protection (AIP) classification label(s) applied.
AIP classification labels have IDs and names.
For example. label: MSIP_Label_XXXXXXXX-YYYY-ZZZZ
Keyword policy defined to search just for the classification name Busine
If you define keyword rule using Name=Busine
Name : Busine
The best option will be keyword rule with proximity match:
but it needs a review of a few test incidents to define proper maximum word distance ( less is better).
Another solution (but may have more false positives than first one ) to cover this type of data is to use label ID ( XXXXXXXX-YYYY-ZZZZ