External DLP PCI Polcies do not trigger Gatelet Incidents for .docx or .txt Files

book

Article ID: 224121

calendar_today

Updated On:

Products

CASB Gateway

Issue/Introduction

Unable to trigger external DLP incidents for uploaded PCI content as a .txt or .docx files to the Microsoft OneDrive fat client.   Using a browser to upload to o365 onedrive the policy triggers.

 

 

 

Resolution

.docx files were fixed in CASB version 3.133.

Broadcom is no longer able to reproduce the issue with .txt files.

Additional Information

To troubleshoot similar issues in the future please provide the following to support:

  • Screenshot of the DLP policy, Scanfilter (application detection) and any incident where possible.
  • Screenshot of the upload event in CASB investigate, the external DLP incident event if possible.
  • A fiddler or .har trace. The trace will show an external perspective of the upload event.
  • The file that was uploaded.
  • It is best practice to upload a file with a unique timestamp.
  • If your testing a fat client such as OneDrive, verify with a browser.
  • Test with a different Gatelet in the event it is SaaS specific.