Data Identifiers Not Being Applied to Cloud Service Detector
search cancel

Data Identifiers Not Being Applied to Cloud Service Detector


Article ID: 248466


Updated On:


Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention Cloud Service for Email


When using policies in the Cloud Service that make use of the Data Identifiers, such as Credit Card Numbers, no alerts are triggered in DLP.

But when using the exact same rule for your on-premises detection servers, using the same data, you do see incident events are triggered. 


Release : 15.7+

Component :


Invalid characters in the Data Identifiers are preventing them from being loaded by the Cloud Service.


Firstly, confirm if a bad Data Identifier is the cause of this issue.

For example, try delimiting the policies assigned to the Cloud Detector by removing it from all but a single Policy Group that contains only 1 or 2 simple policies - e.g., a Keyword policy. 

Copnfirm the updated policy assignment on the Cloud Detector by the presence of a new 2705 Event Code - "Configuration file [Policy] delivery complete".

If this test is successful, try adding a single Data Identifier to the policy that has not been modified from default, e.g., a Credit Card DI rule. Test again after confirming the policy update.

If this allows detection with that single Data Identifier, examine the rest of those Data Identifiers in use by other policies, specifically any "Custom" Data Identifiers - or any modified ones (those having the "pencil" icon have been modified from default).

If you have recently added new regular expressions to those DI patterns, try removing them, saving the changes, and recycling the Enforce Server DetectionServerController service.

Afterward, retest to see if your Data Identifiers are successfully detecting incidents.

Additional Information

For a separate issue with corrupt Data Identifiers, that should have been fixed in 15.7, see this KB: Corrupt Validators listed in Data Identifiers causing irregular detection for customers with Cloud Detection Services (