Create and Upload an Encrypted EDM Data Set to the DLP Cloud Service in Interactive Mode

Use the Exact Data Matching (EDM) CLI application in Interactive mode to create and upload an EDM data set in CSV or TSV format to the DLP cloud service.

Where Can I Use This?
  • NGFW (Managed by Panorama)
  • Prisma Access (Managed by Strata Cloud Manager)
  • SaaS Security
  • NGFW (Managed by Strata Cloud Manager)

What Do I Need?
  • Enterprise Data Loss Prevention (E-DLP) license
  • NGFW (Managed by Panorama): Support and Panorama device management licenses
  • Prisma Access (Managed by Strata Cloud Manager): Prisma Access license
  • SaaS Security: SaaS Security license
  • NGFW (Managed by Strata Cloud Manager): Support and AIOps for NGFW Premium licenses
Or any of the following licenses that include the Enterprise DLP license:
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license

Upload an encrypted hash Exact Data Matching (EDM) data set to the DLP cloud service using the EDM CLI application in Interactive mode to successfully create an EDM filtering profile. In Interactive Mode, you must specify the EDM data set path for upload and configure the upload parameters directly through the EDM CLI application.
  1. Access the Common Services Identity & Access settings and add a Service Account to generate the Client ID and Client Secret.
    If you already have a Service Account created, you can Reset Client Secret to recover a lost Client Secret.
    The Client ID and Client Secret are used to authenticate and connect the EDM CLI application to the DLP cloud service.
    When you create the Service Account, the Client ID and Client Secret are displayed in the Client Credentials. You can manually copy the Client Credentials or Download CSV File to download the Client Credentials in plaintext locally to your device.
  2. You must download EDM CLI application version 2.2 or later to upload an EDM data set to a TSG-supported tenant.
  3. Review the Supported EDM Data Set Formats and prepare the EDM data set for upload to the DLP cloud service.
  4. Enter Interactive mode in the EDM CLI application to begin the EDM data set upload.
    1. Open the terminal and navigate to the package-edm-secure-cli-<version>-<platform> directory where the EDM CLI application is located.
    2. Enter Interactive mode in the EDM CLI application.
      • Windows
        admin: edm-secure-cli.bat interactive
      • Linux
        admin: ./edm-secure-cli.sh interactive
      Entering this command begins the interactive upload process for EDM data sets to the DLP cloud service.
  5. Enter the path of the EDM data set for upload.
  6. Enter the delimiter used to specify boundaries between values in the EDM data set.
    The “,” and tab (\t) delimiters are supported for CSV or TSV files. The EDM CLI application uses the delimiter “,” by default. The EDM data set can use only one delimiter.
  7. Enter the EDM data set file encoding method.
  8. Enter the error threshold percentage for the EDM data set.
    A secured version of the EDM data set is not created if the DLP cloud service encounters errors exceeding the specified error threshold percentage.
  9. Specify whether the EDM data set has a header row.
  10. Specify whether to allow uploads of EDM data sets that include empty or blank cells.
    Enter true to allow rows that include empty or blank cells in an EDM data set.
    Enter false to reject rows that include empty or blank cells in an EDM data set.
  11. Specify whether the EDM CLI application should abort the EDM data set upload if the EDM data set includes more than the maximum number of cells supported.
    Enter true to upload the maximum number of data set cells supported.
    Enter false to abort the EDM CLI application if the EDM data set has more than the maximum number of data set cells supported.
  12. Enter the number of columns in your EDM data set.
    This step is required to accurately map your CSV or TSV columns to the supported data types to allow the DLP cloud service to accurately ingest your EDM data set.
  13. Map each column in your EDM data set to a specific Data Type using the supported Data Type Values.
    The EDM CLI application presents a table with each Data Type Name and the corresponding Data Type Value. You can also view this table in the README.txt file packaged with the EDM CLI application.
    When you create an advanced data profile on Strata Cloud Manager, you’re required to add at least one column where the column values occur up to 12 times in the selected EDM data set for the Primary Field.
    When mapping your columns to a specific Data Type, be sure to include at least one column with up to 12 occurrences across the entire EDM data set. Otherwise, the DLP cloud service is unable to match traffic against the EDM data profile you create using this EDM data set.
  14. Specify whether to upload the EDM data set to the DLP cloud service. Enter y to continue uploading the EDM data set or n to upload the EDM data set later.
    Entering n creates a secured copy of the EDM data set in the package-edm-secure-cli-<version>-<platform> directory for you to review.
    You can skip the remaining steps below and Upload an Encrypted EDM Data Set to the DLP Cloud Service later.
  15. Enter y to create a new EDM data set and enter the data set name.
    If you enter n and are uploading to the DLP cloud service, you’re still prompted to enter an EDM data set name. This updates the existing EDM data set you previously uploaded to the DLP cloud service.
  16. (EDM CLI application 2.2 and later) Specify the authentication mechanism used to upload the EDM data set to the DLP cloud service.
    1. When prompted about whether you have access and refresh token, enter n.
      This is required to enter the Client ID and Client Secret.
    2. Enter the Client ID and Client Secret.
  17. (Proxy server only) When prompted, enter y if the local device from which you’re uploading requires a proxy server to connect to the internet.
    You’re required to provide the following information for your proxy server.
    • Proxy hostname
    • Proxy port number
    • Proxy username
    • Proxy password
  18. Enter Y or y to confirm the EDM data set upload configuration is correct and begin uploading to the DLP cloud service.
    A secured copy of the EDM data set specified is created in the package-edm-secure-cli-<version>-<platform> directory. In the directory, a new folder is created with the name of the EDM data set appended with the date and time it was created. Inside this folder is the encrypted output.zip file containing your EDM data set that is uploaded to the DLP cloud service.
    A progress bar and success message are displayed to notify you whether the upload is successful.
  19. Monitor the upload status of the EDM data set.
    The time it takes for an EDM data set uploaded to the DLP cloud service to be available on the DLP app or Strata Cloud Manager depends on the EDM data set size and internet connectivity speed. For example, a 4 GB EDM data set upload typically takes about 30 minutes to display in the DLP app and be usable in an advanced data profile.
    1. Log in to Strata Cloud Manager or the DLP app on the hub.
    2. Navigate to the list of uploaded EDM data sets.
      • DLP app on the hub: Select Detection Methods > Exact Data Matching.
      • Cloud Management: Select Manage > Configuration > Data Loss Prevention > Detection Methods and select Exact Data Matching.
    3. The EDM data set upload is complete when the Indexing Status column displays Complete.
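
A local pre-flight check for the answers given in steps 6 through 13 (delimiter, header row, blank cells, error threshold, column count, Primary Field), as an added example that is not part of the EDM CLI application or the vendor documentation. The function name preflight, the definition of an error row, and the reading of the 12-occurrence rule as "no value in the column repeats more than 12 times" are assumptions; the sample data is constructed.

```python
import csv
import io
from collections import Counter

MAX_OCCURRENCES = 12  # page: Primary Field values occur up to 12 times

def preflight(text, delimiter=",", has_header=True, allow_blank=False,
              error_threshold_pct=0.0):
    """Local pre-upload check of an EDM data set (CSV or TSV text).

    Assumption: an error row has the wrong column count or, when allow_blank
    is False, an empty cell. The service's own error accounting may differ.
    """
    if delimiter not in (",", "\t"):
        raise ValueError("only ',' and tab delimiters are supported")
    rows = [r for r in csv.reader(io.StringIO(text), delimiter=delimiter) if r]
    header = rows.pop(0) if has_header and rows else None
    columns = len(header) if header else (len(rows[0]) if rows else 0)
    good, bad_rows = [], []
    for n, row in enumerate(rows, start=1):  # n = 1-based data row number
        blank = any(not cell.strip() for cell in row)
        if len(row) != columns or (blank and not allow_blank):
            bad_rows.append(n)
        else:
            good.append(row)
    error_pct = 100.0 * len(bad_rows) / len(rows) if rows else 0.0
    # Primary Field candidates: no value occurs more than 12 times.
    primary = []
    for i in range(columns):
        counts = Counter(r[i].strip() for r in good if r[i].strip())
        if counts and max(counts.values()) <= MAX_OCCURRENCES:
            primary.append(header[i] if header else i)
    return {"columns": columns, "rows": len(rows), "bad_rows": bad_rows,
            "error_pct": error_pct,
            "within_threshold": error_pct <= error_threshold_pct,
            "primary_candidates": primary}

# Constructed sample: 14 valid rows, one row with a blank cell, one short row.
SAMPLE = ("id,last_name,state\n"
          + "".join(f"ID-{i:04d},Name{i},CA\n" for i in range(14))
          + "ID-9999,,CA\n"
          + "short,row\n")

if __name__ == "__main__":
    for key, value in preflight(SAMPLE, error_threshold_pct=10.0).items():
        print(f"{key}: {value}")
```

An empty primary_candidates list means no column satisfies the Primary Field requirement described in step 13, so the data set should be reworked before upload.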
