Create and Upload an Encrypted EDM Data to the DLP Cloud Service in Interactive Mode

Set Up the EDM CLI Application.

Create the access token for authentication with the DLP cloud service.

When uploading an EDM data set to the DLP cloud service using Interactive mode, you only need to create an access token to successfully upload an EDM data set to the DLP cloud service. You do not need to configure the rest of the

upload_config.properties

file.

Review the Supported EDM Data Set Formats and prepare the EDM data set for upload to the DLP cloud service.

Enter Interactive mode in the EDM CLI application to begin the EDM data set upload.

Open the terminal and navigate to the

package-edm-secure-cli-<version>-<platform>

directory where the EDM CLI application is located.

Enter Interactive mode in the EDM CLI application.

Windows

admin:
 edm-secure-cli.bat interactive

Linux

admin:
 ./edm-secure-cli.sh interactive

Entering this commands begin the interactive upload process for EDM data sets to the DLP cloud service.



Enter the path of the EDM data set for upload.



Enter the delimiter used to specify boundaries between values in the EDM data set.

The “

,

” and “tab (

t

) delimiters are supported for CSV or TSV files. The EDM CLI application uses the delimiter “

,

” by default. The EDM data set may only use one delimiter.



Enter the EDM data set file encoding method.



Enter the error threshold percentage for the EDM data set.

A secured version of the EDM data set is not created if the DLP cloud service encounters errors exceeding the specified error threshold percentage.



Specify whether the EDM data set has a header row.



Specify whether the EDM CLI application should abort the EDM data set upload if the EDM data set includes more than the maximum number of cells supported.

Enter

true

to upload the maximum number of data set cells supported.

Enter

false

to abort EDM CLI application if the EDM data set has more than the maximum number of data set cells supported.



Enter the number of columns in your EDM data set.

This step is required to accurately map your CSV or TSV columns to the supported data types to allow the DLP cloud service to accurately ingest your EDM data set.



Map your columns using the supported Data Types Value to accurately map each column in your EDM data set to a specific Data Type.

The EMD CLI application presents a table with each Data Type Name and the corresponding Data Type Value. You can also view this table in the

README.txt

file packaged with the EDM CLI application.

When you create a data profile with EDM data sets on the DLP app or a data profile with EDM data sets on Cloud Management, you are required to add at least one column where the column values occurs up to 12 times in the selected EDM data set for the

Primary Field

.

When mapping your columns to a specific Data Type, be sure to include at least one column with up to 12 occurrences across the entire EDM data set. Otherwise, the DLP cloud service is unable to match traffic against the EDM data filtering profile you create using this EDM data set.



Specify whether to upload the EDM data set to the DLP cloud service. Enter

y

to continue uploading the EDM data set or

n

to upload the EDM data set at a later time.

Entering

n

creates a secured copy of the EDM data set in the

package-edm-secure-cli-<version>-<platform>

directory for you to review.

You can skip the remaining steps below and Upload an Encrypted EDM Data Set to the DLP Cloud Service at a later time.



Enter

y

to create a new EDM data set and enter the data set name.

If you enter

n

and are uploading to the DLP cloud service, you are still prompted to enter an EDM data set name. This updates the existing EDM data set you previously uploaded to the DLP cloud service.



(

EDM CLI application 2.2 and later

) Specify whether you are using an access token, or Client ID and Client Secret.

Skip this step if you are using EDM CLI application 2.1 or earlier release.

If you are using an access token to authenticate and connect to the DLP cloud service, enter
y
.
If you are leveraging Enterprise DLP from the SASE Platform, enter
n
.



Add the authentication mechanism required to connect to the DLP cloud service.

Enter the

Access Token

and

Refresh Token

.



(

SASE Platform only

) Enter the

Client ID

and

Client Secret

.



(

Proxy server only

) When prompted, enter

y

if the local device from which you are uploading requires a proxy server to connect to the internet.

You are required to provide the following information for your proxy server.

Proxy hostname
Proxy port number
Proxy username
Proxy password

Enter

Y

or

y

to confirm the EDM data set upload configuration is correct and begin uploading to the DLP cloud service.

A secured copy of the EDM data set specified is created in the

package-edm-secure-cli-<version>-<platform>

. In the directory, a new folder is created with the name of the EDM data set you appended with the date and time it was created. Inside this folder is the encrypted

output.zip

file containing your EDM data set that is uploaded to the DLP cloud service.

A progress bar and success message is displayed to notify you whether the upload is successful.



Monitor the upload status of the EDM data set.

The time it takes for an EDM data set uploaded to DLP cloud service to be available on the DLP app or Cloud Management depends on the EDM data set size and internet connectivity speed. For example, a 4GB EDM data set upload typically takes about 30 minutes to display in the DLP app and be usable in a data profile with EDM data sets.

Log in to the DLP app on the hub or Launch the Cloud Management Console.
Navigate to the list of uploaded EDM data sets.
DLP app on the hub—
Select
Detection Methods
Exact Data Matching
.
Cloud Management—
Select
Manage
Configuration
Data Loss Prevention
Detection Methods
and select
Exact Data Matching
.
The EDM data set upload is complete when the
Indexing Status
column displays
Complete
.