The Umbrella User Guide Developer Hub

Welcome to the Umbrella User Guide developer hub. You'll find comprehensive guides and documentation to help you start working with Umbrella User Guide as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

(Old) Data Loss Prevention Report

Users with De-identification Enabled

Any role with De-identification enabled will continue to see identifiable information in the Data Loss Prevention Report.

View the Data Loss Prevention Report

  1. Navigate to Reporting > Additional Reports > Data Loss Prevention.
  2. Select a time frame to view the results of the report.
    You can select results for the last 24 hours, the previous day (yesterday), the last week, the last 30 days, or a custom range within the last 30 days.
  1. Filter results by Block, Monitor, or both. By default, none are selected, so both actions are displayed.
  1. Filter results by Severity.
  1. Filter results by Identity Type.
  1. Click the gear icon to customize and sort the columns of your report.
  1. View results in the report table.
  • Severity—The severity of the rule that triggered the event.
  • Identity or File Owner—The identity which made the request.
  • Name—The name of the file where a classification match was found. When content is found in a message or a post, the File name displays Content.
  • Destination—The destination where the content was scanned.
  • Rule—The rule that triggered the event.
  • Action—Whether the content was monitored or blocked.
  • Detected—The date and time of detection.
  1. Click the action menu (three dots) or in a row of the report to view further details of an event.

The event details displays some of the same content as the report table, with additional information:

  • Destination URL—The URL of the destination for the event.
  • Rule Triggered—The rule that triggered the event.
  • Application—The application where the file was uploaded or posted.
  • Classification—The classification that matched the content found in the event. Clicking the caret will display the excerpts where the matches were found.
  • SHA256 Hash—The unique SHA256 hash for the file.

Use Advanced Search

You can search the Data Loss Prevention Report by keyword to find specific events.

Alternatively, click Advanced in the search bar to bring up the advanced search. You can search for events by identity, destination (including applications), rule, data identifier, or the file hash. Click Apply to apply the filters to the report.


Cloud Malware Report < Data Loss Prevention Report

Updated 2 months ago

(Old) Data Loss Prevention Report


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.