Sudden decrease in the number of incidents being reported to Enforce
search cancel

Sudden decrease in the number of incidents being reported to Enforce

book

Article ID: 390663

calendar_today

Updated On:

Products

Data Loss Prevention Core Package Data Loss Prevention Data Loss Prevention Endpoint Discover Data Loss Prevention Enforce

Issue/Introduction

A report from your analysts indicates a low incident intake of incidents, lower than normal.
Starting last Friday, the number of endpoint incidents being reported dropped to about half of what it was prior to Friday.

Resolution

During the investigation, it was determined that on Friday, a rule used in several policies was updated.

A comparison between the number of incidents associated with that rule and its policies from before Friday and after Friday showed that the number of incidents dropped by about 50%.
The rule change caused the drop in the number of incidents.
The system is working as configured.

Powered by Wolken Software