Policies are marking Incidents as High even though they are not reaching the threshold for high events after upgrade to DLP 16.0.
search cancel

Policies are marking Incidents as High even though they are not reaching the threshold for high events after upgrade to DLP 16.0.

book

Article ID: 265906

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

After upgrading the DLP from 15.8 to 16.0, the policies severity levels set in the previous version stopped working. 

Environment

DLP 16.0

Cause

When you upgrade your DLP to 16.0, it is possible that some of the policies severity level might switch back to the default severity making the original policy to not behave as intended.

Resolution

In case, your policy severity level changes after the upgrade to DLP 16.0, you will have to update the policy by making sure that you review the severity level you set under "Detection" and "Groups" tabs and change them back to the original settings. 

 

Powered by Wolken Software