>
    Create and Upload an Encrypted EDM Data Set Using a Configuration File
    Focus
    Download PDF
    Focus
    1. Home
    2. Enterprise DLP
    3. Enterprise DLP Administration
    4. Configure Enterprise DLP
    5. Exact Data Matching (EDM)
    6. Upload an Encrypted EDM Data Set to the DLP Cloud Service Using a Configuration File
    7. Create and Upload an Encrypted EDM Data Set Using a Configuration File
    Download PDF
    Enterprise DLP

    Create and Upload an Encrypted EDM Data Set Using a Configuration File

    Table of Contents

    Create and Upload an Encrypted EDM Data Set Using a Configuration File

    Use the Exact Data Matching (EDM) CLI application to create and upload an encrypted hash EDM data set in CSV or TSV format using a configuration file.
    Where Can I Use This?
    What Do I Need?
    • NGFW (Managed by Panorama)
    • Prisma Access (Managed by Strata Cloud Manager)
    • SaaS Security
    • NGFW (Managed by Strata Cloud Manager)
    • Enterprise Data Loss Prevention (E-DLP)
       license
    • NGFW (Managed by Panorama)
      —Support and
      Panorama
       device management licenses
    • Prisma Access (Managed by Strata Cloud Manager)
      Prisma Access
       license
    • SaaS Security
      SaaS Security
       license
    • NGFW (Managed by Strata Cloud Manager)
      —Support and
      AIOps for NGFW Premium
       licenses
    Or any of the following licenses that include the
    Enterprise DLP
     license
    • Prisma Access
       CASB license
    • Next-Generation CASB for Prisma Access and NGFW (CASB-X)
       license
    • Data Security
       license
    Create and upload an encrypted hash Exact Data Matching (EDM) data set using a configuration file included with the EDM CLI application. The configuration file allows you to configure the upload parameters for upload ahead of time rather than manually entering each parameter at the time of upload. You can also quickly update an existing EDM data set on the DLP cloud service when you configure the
    config.properties
     and
    upload_config.properties
     files.
    2. In the
      upload_config.properties
       file, you must enter a unique data set name for EDM data set you want to create and upload as the
      dataset_name
      . Upload to the DLP cloud service fails if you upload an EDM data set with a data set name that already exists in the DLP app.
    3. Review the Supported EDM Data Set Formats and prepare the EDM data set for upload to the DLP cloud service.
    4. Navigate to the
      package-edm-secure-cli-<version>-<platform>
       directory and open the
      config.properties
       file.
    5. Configure the EDM data set upload parameters.
      1. Enter the path of the EDM data set for upload.
      2. Enter the delimiter used to specify boundaries between values in the EDM data set.
        The “
        ,
        ” and tab (
        t
        ) delimiters are supported for EDM data set uploads. An EDM data set may only use one delimiter.
      3. Enter the EDM data set encoding method.
      4. Enter the error threshold percentage for the EDM data set.
        A secured version of the EDM data set is not created if the DLP cloud service encounters errors exceeding the specified error threshold percentage.
      5. Specify whether the EDM data set has a header row.
        Enter
        true
         if the EDM data set includes a header row.
        Enter
        false
         if the EDM data set does not include a header row.
      6. Specify whether to allow uploads of EDM data sets that include empty or blank cells.
        Enter
        true
         to allow rows that include empty or blank rows in an EDM data set.
        Enter
        false
         to reject rows that include empty or blank cells in an EDM data set.
      7. Specify whether the EDM CLI application should abort the EDM data set upload if the EDM data set includes more than the maximum number of cells supported.
        Enter
        true
         to upload the maximum number of data set cells supported.
        Enter
        false
         to abort EDM CLI application if the EDM data set has more than the maximum number of data set cells supported.
      8. Map your columns using the supported Data Types Value to accurately map each column in your EDM data set to a specific Data Type.
        Refer to the
        README.txt
         file packaged with the EDM CLI application for the table to map your EDM data set columns to the correct Data Type value.
        When you create an advanced data profile on
        Strata Cloud Manager
        , you’re required to add at least one column where the column values occurs up to 12 times in the selected EDM data set for the
        Primary Field
        .
        When mapping your columns to a specific Data Type, be sure to include at least one column with up to 12 occurrences across the entire EDM data set. Otherwise, the DLP cloud service is unable to match traffic against the EDM data profile you create using this EDM data set.
      9. Select
        File
         and
        Save
         the configuration file.
    6. Upload the EDM data set to the DLP cloud service.
      1. Open a terminal and navigate to the
        package-edm-secure-cli-<version>-<platform>
         directory where the EDM CLI application is located.
      2. Upload the EDM data set to the DLP cloud service.
        • Windows
          admin:
           edm-secure-cli.bat create -u
        • Linux
          admin:
           ./edm-secure-cli.sh create -u
        A secured copy of the EDM data set specified is created and the EDM data set begins uploading to the DLP cloud service.
      3. Verify that the EDM data set is uploaded to the DLP cloud service successfully.
        A progress bar and success message is displayed to notify you whether the upload is successful.
    7. Monitor the upload status of the EDM data set.
      The time it takes for an EDM data set uploaded to DLP cloud service to be available on the DLP app or
      Strata Cloud Manager
       depends on the EDM data set size and internet connectivity speed. For example, a 4GB EDM data set upload typically takes about 30 minutes to display in the DLP app and be usable in an advanced data profile.
      1. Log in to
        Strata Cloud Manager
         or the DLP app on the hub.
      2. Navigate to the list of uploaded EDM data sets.
        • DLP app on the hub—
          Select
          Detection Methods
          Exact Data Matching
          .
        • Strata Cloud Manager
           Select
          Manage
          Configuration
          Data Loss Prevention
          Detection Methods
           and select
          Exact Data Matching
          .
      3. The EDM data set upload is complete when the
        Indexing Status
         column displays
        Complete
        .

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.