Forum Discussion
Incorrect alert information for DLP incidents being displayed
We have an *AND* statement within our DLP rules across the organization policy set where only one of the two conditions within the "AND" is firing and we're getting alerts that are not showing all th...
It is also important to note that the condition before the "OR" statement is using a high threshold count so that it only triggers above 100 detections. The statement after the "OR" operator is lower threshold, but it requires a dictionary SID match