HomeDocumentation and Guides

Filetypes Supported in Content Policies

DLP policies in Cisco Cloudlock monitor the content of files in the environment. Filetypes supported are listed below followed by any exceptions.

Supported Filetypes

csv (Comma Separated Values)text/comma-seperated-values
doc (Microsoft Word '97+)application/msword
docx (Microsoft Word 2007+)application/vnd.openxmlformats-officedocument-wordprocessingml.document
eml (RFC822 Email File)message/rfc822
html (Hyper Text Markup Language)text/html
OpenDocument Textapplication/vnd.oasis.opendocument.text
OpenDocument presentationapplication/vnd.oasis.opendocument.presentation
OpenDocument spreadsheetapplication/vnd.oasis.opendocument.spreadsheet
pdf (Portable Document Format)application/pdf
ppt (Microsoft Powerpoint '97+)application/nvd.ms-powerpoint
pptx (Microsoft Powerpoint 2007+)application/vnd.openxmlformats-officedocument.presentationml.presentation
rtf (Rich Text File)application/rtf, text/rtf
tsv (Tab Separated Values)text/tab-seperated-values
txt (Text)text/plain
url (Uniform Resource Locator)text/url
xls (Microsoft Excel '97+)application/vnd.ms-excel
xlsx (Microsoft Excel 2007+)application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
zip (Zip Archives)application/zip


Attachments- Salesforce and ServiceNow

When a file is attached to a field or other object, it is uploaded and stored in the platform and at that point becomes subject to monitoring by relevant policies.


Cloudlock examines the first 1000 rows and 1000 columns, and a maximum of 100,000 total cells in a single spreadsheet document. Blank cells are still counted as data and the value is "null." Content is matched only if it appears in its entirety within a single cell.


Cloudlock supports scanning of pdf for content and context only when digitally created. Pdfs that are typically scanned in via a scanner which creates an "image" of the document can only be monitored for exposure and file name.

Zip Files

Only up to 100 of the files within a zip file are scanned and only up to 5MB TOTAL of the zip file's contents are scanned. Cloudlock supports up to 10 levles of zip file nesting (a zip within a zip within a zip). Zip files are currently only supported in DLP policies.

RFC822 Email Files

Attachments are not supported.

Google Docs

In the Google platform, native Google Docs do not have "filetypes" per se (they have no filename extensions, for example), but they are monitored by Cloudlock. Only objects stored in Google Drive are monitored by Cloudlock; GMail attachments that are not stored in Google Drive — like any other file or document stored outside Drive — are not monitored.

Google Sites

Currently, Cloudlock supports Classic and New Sites through context only policies. For example: when permissions for the site changes (i.e. editing rights) the policy will flag as an incident. Exposure is not detected through publishing, however.


Individual files larger than 15MB are not examined.