Have you tried this @Dale Christian?

 

https://support.microsoft.com/en-us/help/2823261/changes-to-a-data-loss-prevention-policy-don-t-take...

One thing that took me a while to figure out is that you need to provide some context in your files or emails. You can't just have a credit number by itself and expect it to find it. The algorithms are looking for words like "credit card, amex, routing number, visa, expiration date, ssn, etc."

Once I started putting additional text like that in my test files and test emails, then the policies started triggering.

Jason Hartman

It's all about Match Accuracy and Instance Count.  That's where your policy tuning happens.  Microsoft doesn't do a great job describing how the percentages in Match Accuracy increase or decrease the alerting/blocking threshold, so you'll have to test it out and tune it yourself before it goes into prod.

 

That being said, take a look at my screen grab and look where I dropped the minimum match threshold to 10% on IP Addresses and SSNs.  Try it yourself and you should see the alerting and blocking actions occur.  From there, increase until you've met your desired threshold.

 

Cheers!