In the Content Analysis application, Cloud Sandboxing analysis is enabled (and the license is also enabled). As a test, a new file type was created, but files of that type do not seem to be submitted, even though "Wait for Result" has been enabled for it and the file size is far below the maximum individual file size limit.
CAS-MA
Possible implementation gap.
Licensing: Ensure that Symantec Cloud Sandboxing is fully licensed, and shows up as "Active" in the Licensing tab. See the snippet below, as reference.
For Cloud Sandboxing, first ensure that the steps in the technical article referenced below have been carried out.
Perform Sandbox Analysis in the Cloud
When significant events occur (such as when malware is found or a file is blocked), you can have Content Analysis notify you by sending an email, an alert log entry, a syslog entry, or an SNMP trap. For each type of event that you want to be notified about, select the desired alert delivery method. See the snippet below, as a sample.
Ref.: Set Up Alert Delivery Methods
Next, note that with real-time sandbox analysis, the user does not receive the requested file until the sandbox determines whether the file is safe or malware. Real-time sandbox analysis is not enabled by default for any file types or extensions. You must enable the "Wait for Result" option only for those file types/extensions that Content Analysis sends to the sandbox for real-time analysis. The response may come only later, and can be tracked via the logging you set up as described above.
Since this is a new implementation, the better recommendation for testing that it works is to have Content Analysis send the file to the sandbox and to the user simultaneously (for both real-time and non-real-time analysis). When the sandbox later comes back with a response, Content Analysis caches that response. Future requests for the file are blocked or allowed based on the cached response.
Note 2: Verify that the Edge SWG appliance is configured to support ICAP feedback (Trickle object data at end) to provide users with feedback during the scan. That option is available in the Edge SWG appliance Admin Console: Configuration > Content Analysis > ICAP > ICAP Feedback.
Outside of "Application (.exe)", all other file types should generally be set to "Sandbox". See the snippet below, as reference.
Note 3: Be sure to define the Timeout (seconds) duration that Content Analysis waits for real-time sandboxing results. The default value is 0, which results in Content Analysis waiting until the sandboxing analysis is complete regardless of the duration. This field supports values of up to 600 seconds.
Warning:
Because the time it takes to analyze files in sandboxes can vary from a few seconds to a few minutes, enabling real-time sandbox scanning can result in an increase in the number of open ICAP connections between the Edge SWG appliance and Content Analysis. After the maximum number of ICAP connections is in use, ICAP requests are queued on the Edge SWG appliance. You can monitor ICAP queues from the Edge SWG appliance Admin Console: Reports > Content Analysis.
For your test in particular, you may choose not to use real-time analysis.
Ref.: Configure Content Analysis Sandbox General Settings
Furthermore, with the "ma" log, you can track everything that is going on with sandboxing, whether on-box sandboxing or Cloud Sandboxing. See the snippet below for guidance on how to access/download this log file.
Important: If the sandboxing events are not seen in any of the logs, that is a clear indication of an incomplete or incorrect configuration/implementation. Where the implementation is correct and complete, any other issues would be identified with specific errors/warnings, which can also be seen in the log data.