Where Can I Use This? | What Do I Need? |
- Panorama
- Strata Cloud Manager
|
- Enterprise Data Loss Prevention (E-DLP) license
- (SaaS Security only) SaaS Security license
- (Panorama) Device management license
- (Panorama) Support license
- (Strata Cloud Manager) Prisma Access
license
- (Strata Cloud Manager) AIOps for NGFW Premium license
- (Strata Cloud Manager) AIOps for NGFW Free
license
|
After you successfully connect your
AWS storage bucket,
Azure storage bucket, or
SFTP server to
Enterprise Data Loss Prevention (E-DLP) to store evidence
for traffic that match your
Enterprise DLP data profiles, you can download a
file to your local device the instance of traffic scanned by the DLP cloud service
that generated the DLP incident to allow for in-depth investigation.
Traffic scanned by the DLP cloud service while Enterprise DLP is disconnected
from your cloud storage bucket isn't stored in your cloud storage. This means that
all files created by traffic that generated a DLP incident aren’t available for
download. However, all snippet data is preserved and can still be viewed in Enterprise DLP.
The file format or the matched traffic is dependent on the type of traffic that
generated the DLP incident.
File Based—Copy of the file that generated the incident is saved in
the same file format in which it was inspected.
Non-File—Non-file traffic is saved in
.txt format.
If a file is shared in a non-file based app, for example Slack, then the file
is saved in the same file format in which it was inspected.
Email DLP—Outbound emails are saved in
.eml format.