>
    Add Custom Match Criteria to a Predefined Data Pattern
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. Configure Enterprise DLP
    4. Data Patterns
    5. Add Custom Match Criteria to a Predefined Data Pattern
    Download PDF
    Enterprise DLP

    Add Custom Match Criteria to a Predefined Data Pattern

    Table of Contents

    Add Custom Match Criteria to a Predefined Data Pattern

    Clone a predefined regex data pattern on Strata Cloud Manager to add custom match criteria to enhance detection and prevention of data exfiltration.
    On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.
    You must allow these new service IP addresses on your network to avoid disruptions for these services. Review the Enterprise DLP Release Notes for more information.
    Where Can I Use This?What Do I Need?
    • NGFW (Managed by Panorama or Strata Cloud Manager)
    • Prisma Access (Managed by Panorama or Strata Cloud Manager)
    • Enterprise Data Loss Prevention (E-DLP) license
      Review the Supported Platforms for details on the required license for each enforcement point.
    Or any of the following licenses that include the Enterprise DLP license
    • Prisma Access CASB license
    • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
    • Data Security license
    Clone a predefined regular expression (regex) data pattern to add specific inclusion or exclusion and provide custom match criteria to enhance detection and prevention of data exfiltration of sensitive data. This allows users to enhance predefined regex data pattern with more customized match criteria.
    1. Log in to Strata Cloud Manager.
    2. Select ManageConfigurationData Loss PreventionDetection MethodsData Patterns.
    3. Locate the predefined regex data pattern.
    4. Expand the Actions and Clone.
    5. Add the custom match criteria to specify data to include or exclude from inspection and verdict rendering.
      Up to 50,000 characters are supported in each field. You can add multiple custom data match criteria requirements in a single field separated by a semicolon (;). You specify one, some, or all custom data match criteria.
      • Include Matches Starting With—Inclusive match criteria to inspect for and trigger Enterprise DLP enforcement for only data matches starting with one or more of the criteria added.
        This field is an AND operator.
      • Include Matches End With—Inclusive match criteria to inspect for and trigger Enterprise DLP enforcement for only data matches ending with one or more of the criteria added.
        This field is an AND operator.
      • Exclude Matches Starting With—Exclude match criteria from Enterprise DLP inspection and enforcement for data matches starting with one or more of the criteria added.
        This field is an OR operator.
      • Exclude Matches Ending With—Exclude match criteria from Enterprise DLP inspection and enforcement for data matches ending with one or more of the criteria added.
        This field is an OR operator.
    6. Save.
    7. Create a data profile on Strata Cloud Manager.

    © 2025 Palo Alto Networks, Inc. All rights reserved.