VML policy not generating incidents in cloud but working on prem
search cancel

VML policy not generating incidents in cloud but working on prem

book

Article ID: 215043

calendar_today

Updated On:

Products

Data Loss Prevention Cloud Detection Service

Issue/Introduction

  • You have a Cloud Detection Server (CDS) as well as on-prem servers.
  • You notice that your Vector Machine Learning (VML) profile has not replicated to the CDS, although the on premise detection servers have it

 

Environment

Release : 15.x

Component : CDS, Vector Machine Learning (VML) policy

Cause

It is likely that the CDS was added to the Enforce whilst the VML profile was in training mode.

Resolution

  • Under current design it is not possible to have a VML policy replicate to a newly added CDS even if the VML has a prior version of the profile that is active on the on-prem servers
  • A documentation bug has been raised to alert customers of this in the Adding a Detection Server section.
  • Feature requests have been raised to allow a VML profile to be cancelled if it is in training mode.

Currently the only workaround is to completed the training for the VML profile

 

Powered by Wolken Software