Monitoring "AzCopy" tool using Global Application Monitoring
search cancel

Monitoring "AzCopy" tool using Global Application Monitoring


Article ID: 247628


Updated On:


Data Loss Prevention Endpoint Prevent


AzCopy is widely used tool from Microsoft to copy data from local drive to Azure cloud storage.

After configuring this app in global application monitoring configuration, data transfer using "azcopy copy" command is getting monitored for sensitive data. But, if customer use ".\azcopy copy" command, data transfer is not getting monitored.


DLP Endpoint agent 15.8 MP2


This has been identified as a product defect and will be fixed in a future DLP release.


Below workaround can be applied until a fix is available. 

Run AzCopy tool from C: drive (root drive) instead of running it from any other folder like "C:\temp" or "C:\AzCopy". If "azcopy.exe" is kept in C: drive and ".\azcopy copy" command is used to transfer data, this traffic will get monitored for sensitive data.