Configuring DLP to Trigger only on Specific O365 SharePoint Sites
search cancel

Configuring DLP to Trigger only on Specific O365 SharePoint Sites

book

Article ID: 228362

calendar_today

Updated On:

Products

CASB Securlet SAAS With DLP-CDS Data Loss Prevention Data Loss Prevention Enforce Data Loss Prevention Cloud Detection Service for REST

Issue/Introduction

Example: Block files uploaded to a specific site:

https://EXAMPLE.sharepoint.com/sites/CustomerFiles/

Resolution

To exclude a SharePoint site, you can add a Contextual Rule match for (Cloud Applications and API Detection) with the attribute value of Sharepoint Site Name and list its full URL.

Alternatively instead of an exact match use use a regex  .*example.*

Additional Information

SharePoint Site Name can be seen in the DLP enforce incident message by selecting the Open Original Message and look for {"name": "common.sharepoint", "value": ["Your SharePoint site URL"]} 

Powered by Wolken Software