search cancel

Cloud Detector isn't creating incidents as expected in EDM policy


Article ID: 242214


Updated On:


Data Loss Prevention Cloud Service for Email


You are testing detection and can see that you DLP Cloud Detector isn't correctly applying response rules for policies using EDM conditions.

If you change the policy and set to match a keyword, for example, the response is executed.



Release : 15.8

Component :


Corrupt indexes can prevent the Cloud Service from successfully loading a profile, interfering with incident response.


Confirm that your EDM indexes are being completed without any errors.

In some cases, corrupt index profiles (or profiles indexed from an EDM profile created on a different source Enforce Server) will fail to load properly on the Cloud Service.

This issue is described in the following KB: New Cloud Detection or Cloud Email server added to DLP is not detecting any data uploads or accepting emails (

Additional Information

Check whether any alerts about your Cloud Service have been sent to the email address of your Cloud Service admin.

Failing indexes that cause issues with your service may result in alerts sent by the DLP Cloud Operations Team at Broadcom.