Configuring DLP to Trigger only on Specific O365 SharePoint Sites
search cancel

Configuring DLP to Trigger only on Specific O365 SharePoint Sites

book

Article ID: 228362

calendar_today

Updated On: 06-20-2025

Products

CASB Securlet SAAS With DLP-CDS Data Loss Prevention Data Loss Prevention Enforce Data Loss Prevention Cloud Detection Service for REST CASB Security Advanced IAAS CASB Security Premium CASB Security Standard CASB Securlet SAAS

Issue/Introduction

Example: Block files uploaded to a specific site:

https://EXAMPLE.sharepoint.com/sites/CustomerFiles/

Resolution

To exclude a SharePoint site from the policy, you can add a Contextual Rule match for (Cloud Applications and API Detection) with the attribute value of Sharepoint Site Name and list its full URL.

You can also use the regex instead of an exact match. For example, you can use use a regex  .*example.*

Alternatively, you can add the exclusion in the application detection. This allows you to assign multiple policies to this exclusion (via a policy group): 

In the Folder Paths, following the format: /filter:/url/EXAMPLE.sharepoint.com/sites/CustomerFiles/

 

Additional Information

SharePoint Site Name can be seen in the DLP enforce incident message by selecting the Open Original Message and look for {"name": "common.sharepoint", "value": ["Your SharePoint site URL"]}