This blog outlines the steps to export the DLP policies, rules and settings in bulk.
Here's a summary of the items covered:
We have cmdlets to export the DLP Policies rules and settings however one of the main issues we come across is the inability to view the value of those switches since the data is parsed.
Consider a scenario where you want a list of all the groups/users scoped or excluded in a particular policy along with the Display Names, Email and Immutable ID’s.
When you run the cmdlet to you would see that the content is enclosed with braces { }. Braces are normally indicative of a hash table.
Get-DlpCompliancePolicy "Credit Card Policy - Audit" | Select EndpointDLPLocation
EndpointDlpLocation
-------------------
{Tailspin, Traders, Contoso, contosoteam...}
Considering there are hundreds of entries, you can use the below cmdlet to expand the property and export it as a csv.
Get-DlpCompliancePolicy "Credit Card Policy - Audit" | Select -ExpandProperty EndpointDLPLocation | Export-Csv c:\temp\Policyscoping.csv -NoTypeInformation
Similarly, you can use the below to export the list of users/groups that are excluded from the policy.
Get-DlpCompliancePolicy "Credit Card Policy - Audit" | Select -ExpandProperty EndpointDLPLocationException | Export-Csv c:\temp\PolicyExclusion.csv -NoTypeInformation
You can also choose to export all the policies and their attributes/sub-attributes as a JSON file using the below command.
You can then use a Parser or import the json file into PowerQuery/PowerBI to parse the data and view all the policies and it’s details.
$dlppolicy = Get-DlpCompliancePolicy
$dlppolicy | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:\policy.json
You can also choose to Export a single policy or rule info to JSON and view the details by using the below cmdlet.
$dlppolicy = Get-DlpCompliancePolicy "Credit Card Policy - Audit"
$dlppolicy | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:\CCpolicy.json
$dlprule = Get-DlpComplianceRule
$dlprule | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:\rule.json
In-order to export the Policy Configuration, you can use the below.
$config = Get-PolicyConfig
$config | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:\policyconfig.json
Hope this article helps in your DLP journey!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.