The Type column in an Incident list exported to CSV shows incorrectly for Application Incidents
search cancel

The Type column in an Incident list exported to CSV shows incorrectly for Application Incidents

book

Article ID: 279199

calendar_today

Updated On:

Products

Data Loss Prevention Enterprise Suite Data Loss Prevention Enforce Data Loss Prevention

Issue/Introduction

When one exports the list of Application Incidents from the Enforce console and views the output the Type does not correspond correctly to the Application. 

For example here we have an extract of a CSV export which shows the incorrect type Google Drive for Office 365 incidents: 

The first incident Type is correct but others are may not be. 

Environment

DLP 16.0.1 (RU1)

Cause

As you can see from the csv export example below the type of Box is shown for the second Office 365 Onedrive incident and the subsequent Microsoft Teams is shown for Gmail Incident.

This behavior is true in the UI also. When you hover over the incident you can see that the incorrect type is shown for the incident.

Type,Date,ID,Application Name,Policy,Incident Match Count,Severity,Status
Box,8/26/19 5:04 PM,3057,Box,test policy2,3,High,New
Box,2/4/20 11:38 PM,3114,Office 365 OneDrive,test policy2,100,High,New
Microsoft Teams,9/3/21 10:29 AM,8413,gatelet.microsoftteams,Payment Card Industry Data Security Standard -sharon,38,High,New
Microsoft Teams,9/8/21 10:03 AM,8439,Gmail,Payment Card Industry Data Security Standard -sharon,38,High,New
Microsoft Teams,9/18/21 2:31 PM,8614,Office 365,Payment Card Industry Data Security Standard -sharon,8,High,New

Resolution

There are currently no workarounds.

This is a known defect - Issue ID: CRE-16521

Broadcom will deliver a fix in a future release for the defect. The exact version is to be confirmed. 

 

Powered by Wolken Software