View the Enterprise DLP End User Alerting with Cortex XSOAR Response History

View the response history for Enterprise Data Loss Prevention (E-DLP) incidents.

Where Can I Use This?
  • NGFW (Managed by Panorama)
  • Prisma Access (Managed by Strata Cloud Manager)
  • SaaS Security
  • NGFW (Managed by Strata Cloud Manager)

What Do I Need?
  • Enterprise Data Loss Prevention (E-DLP) license
  • NGFW (Managed by Panorama): Support and Panorama device management licenses
  • Prisma Access (Managed by Strata Cloud Manager): Prisma Access license
  • SaaS Security: SaaS Security license
  • NGFW (Managed by Strata Cloud Manager): Support and AIOps for NGFW Premium licenses

Or any of the following licenses that include the Enterprise DLP license:
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license

The Enterprise Data Loss Prevention (E-DLP) End User Alerting with Cortex XSOAR response history provides an audit trail for administrators to understand which end user uploaded a file containing sensitive data and how they responded to the Enterprise DLP Bot on Slack.

The possible response statuses are:
  • Pending Response - The automated Enterprise DLP Bot message was sent and is pending a response.
  • Confirmed Sensitive - End user confirmed that Yes, the file contains sensitive data but No, the end user didn’t request an exemption.
    For all future uploads of the file, the file upload remains blocked and end users aren’t prompted to request an exemption.
  • Exception Requested - End user confirmed that Yes, the file contains sensitive data and Yes, the end user requested an exemption.
    For all future uploads of the file, end users aren’t prompted to confirm the file contains sensitive data but are prompted to request an exemption.
  • Confirmed False Positive - End user confirmed that No, the file doesn’t contain sensitive data.
    For all future uploads of the file, the file uploads remain blocked and end users aren’t prompted to confirm if the file contains sensitive data.

  1. Log in based on the platform on which you’re using Enterprise DLP.
    • Panorama (Next-Gen Firewalls) and Prisma Access (Managed by Panorama) - Log in to the DLP app on the hub.
      If you don’t already have access to the DLP app on the hub, see the hub Getting Started Guide. Only Superusers can access the hub.
    • Strata Cloud Manager - Log in to Strata Cloud Manager.
  2. Navigate to the Enterprise DLP Incidents.
    • Panorama (Next-Gen Firewalls) and Prisma Access (Managed by Panorama) - In the DLP app, select Incidents.
    • Strata Cloud Manager - Select Logs > DLP Incidents.
  3. In the Incidents section, view the Response Status for all file uploads.
    You can also Add New Filter to filter Enterprise DLP Incidents based on the Response Status.
  4. Click on the File name to view the detailed Response History for that specific file.
    The detailed response history includes the team member who uploaded the file and how they responded to the Enterprise DLP Bot.
