1807 events triggered for Response Rule Sender Pattern Condition


Article ID: 413068


Updated On:

Products

Data Loss Prevention Core Package

Issue/Introduction

After adding a Sender Pattern Condition to a Response Rule, a severe 1807 event is generated for all new incidents. The event is seen even for incidents that matched on policies that were not assigned the response rule. Policy detection and all other response rules trigger successfully.

Message
Code: 1807
Summary: Response rule processing execution failed
Detail: Response rule command runtime execution failed from error: Error evaluating condition for command: set-status.



IncidentPersister.log shows the following:

Level: WARNING
Thread: #####
Source: com.vontu.condition.incident.ServerSideConditionEvaluator.evaluate
Message: Expected condition UUID and condition evaluation result but not found for variable: message.sender.pattern


Level: SEVERE
Thread: #####
Source: com.vontu.command.CommandRuntime.execute
Message: Error evaluating condition for command: notify
com.vontu.condition.java.VariableEvaluatorException: Condition evaluation results were not found for incident: null



Steps to reproduce:

  1. Create a Sender or Recipient Reusable Pattern (Enforce Console > Manage > Policies > Sender/Recipient Patterns)
  2. Create a Response Rule with the new Pattern as a condition (Enforce Console > Manage > Policies > Response Rules > select your rule or create a new rule > Add Condition > Sender Pattern)
  3. Assign the Response Rule to any policy, Active or Suspended
  4. Trigger an incident on a detection server
  5. Observe that the 1807 errors are generated in Enforce Console > System > Servers and Detectors > Events

Environment

Symantec Data Loss Prevention 16.1, 16.1 MP1

Resolution

The 1807 event in this scenario is cosmetic. Policies and response rules are triggering successfully.
This is resolved in DLP 16.1 HF7, 16.1 MP2 and DLP 25.1.
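
On an affected version (16.1, 16.1 MP1), the cosmetic 1807 events can bury a genuine response rule failure. The following triage sketch is an added example, not code from Broadcom or the product: it marks a SEVERE condition-evaluation error as known-cosmetic only when the same thread logged the `message.sender.pattern` WARNING just before it. It assumes log records in the Level/Thread/Source/Message layout shown above; the function names, verdict labels, thread numbers and the sample log are constructed for illustration.

```python
import re
WARN_SRC = "com.vontu.condition.incident.ServerSideConditionEvaluator.evaluate"
SEVERE_SRC = "com.vontu.command.CommandRuntime.execute"
KNOWN_VARIABLE = "message.sender.pattern"  # variable named in the article's log excerpt
FIELD = re.compile(r"^(Level|Thread|Source|Message):\s*(.*)$")

def parse_records(text):
    """Split log text into dicts; a 'Level:' line starts a new record."""
    records = []
    for raw in text.splitlines():
        m = FIELD.match(raw.strip())
        if m and m.group(1) == "Level":
            records.append({"Level": m.group(2)})
        elif m and records:  # other lines (e.g. exception text) are ignored
            records[-1][m.group(1)] = m.group(2)
    return records

def triage(text):
    """Return (thread, command, verdict) for each SEVERE condition-evaluation failure."""
    pending, results = {}, []  # pending: thread -> variable from its latest evaluator WARNING
    for rec in parse_records(text):
        thread, msg = rec.get("Thread"), rec.get("Message", "")
        if rec["Level"] == "WARNING" and rec.get("Source") == WARN_SRC:
            m = re.search(r"not found for variable: (\S+)", msg)
            if m:
                pending[thread] = m.group(1)
        elif rec["Level"] == "SEVERE" and rec.get("Source") == SEVERE_SRC:
            m = re.search(r"Error evaluating condition for command: (\S+)", msg)
            if m:
                known = pending.pop(thread, None) == KNOWN_VARIABLE
                results.append((thread, m.group(1), "known-cosmetic" if known else "investigate"))
    return results

# Constructed sample: thread numbers and the last SEVERE record are made up for illustration.
SAMPLE = """\
Level: WARNING
Thread: 41
Source: com.vontu.condition.incident.ServerSideConditionEvaluator.evaluate
Message: Expected condition UUID and condition evaluation result but not found for variable: message.sender.pattern
Level: SEVERE
Thread: 41
Source: com.vontu.command.CommandRuntime.execute
Message: Error evaluating condition for command: notify
com.vontu.condition.java.VariableEvaluatorException: Condition evaluation results were not found for incident: null
Level: SEVERE
Thread: 42
Source: com.vontu.command.CommandRuntime.execute
Message: Error evaluating condition for command: set-status
"""
```

Records marked `investigate` have no matching sender-pattern WARNING on their thread and should not be dismissed on the basis of this article.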