Printer/Fax Incidents not retaining files when data retention response rule applied
Article ID: 219954
Data Loss Prevention Endpoint Prevent
Data Loss Prevention
- You have configured a policy to monitor print protocol only and have applied a response rule to upload the attachment from the endpoint to the incident.
- You have switched the applicable agent configuration setting to 'Monitor Entire File' under System | Agents | Agent Configuration - as required to retain complete documents as attachments
- You notice though that no attachment is present in the incident
- Release : 15.8
- Component : Endpoint agent, print protocol
- No 'content' scanning rule is present in the policy
- You need to add any content rule - a basic keyword search for example, to the policy as well as the protocol rule for the response rule to successfully return the full document.
- You also need a 15.8 MP1 agent or greater. Without the latest agent version the attachment saved in the policy will be a .txt format document, not the original document format eg. .docx, .xlsx etc.