Printer/Fax Incidents not retaining files when data retention response rule applied
search cancel

Printer/Fax Incidents not retaining files when data retention response rule applied

book

Article ID: 219954

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent Data Loss Prevention

Issue/Introduction

  • You have configured a policy to monitor print protocol only and have applied a response rule to upload the attachment from the endpoint to the incident.
  • You have switched the applicable agent configuration setting to 'Monitor Entire File' under System | Agents | Agent Configuration - as required to retain complete documents as attachments
  • You notice though that no attachment is present in the incident

Environment

  • Release : 15.8
  • Component : Endpoint agent, print protocol

Cause

  • No 'content' scanning rule is present in the policy

Resolution

  • You need to add any content rule - a basic keyword search for example, to the policy as well as the protocol rule for the response rule to successfully return the full document.
  • You also need a 15.8 MP1 agent or greater. Without the latest agent version the attachment saved in the policy will be a .txt format document, not the original document format eg. .docx, .xlsx etc.

 

 

Powered by Wolken Software