Monitor DLP Integration Run process
-
- UpdatedJan 30, 2025
- 1 minute read
- Yokohama
- Security Operations
Track and monitor the ongoing ingestion or the integration run process. The integration run processes contains the statistics on how much the data was processed and the integration status.
Role required: sn_dlir.admin.
- In Symantec integration, the process contains both child and parent integration runs. The parent record indicates the ingestion data and child record indicates the enrichment calls and custom attribute records.
- In Microsoft integration, there is only parent record ingestion process to be run.
DLP Integration Run Processes: This displays the queue entries, status of queue entries, and fetched records.
The integration run contains the Source for which the integration profile and the integration run record is created, profile polling intervals, ingestion states and substates, incident count which indicates the number of records that are ingested.
- Navigate to .
- Select the integration run from the list.
- Navigate to the DLP Integration Run Process.
- View the queue entry status of the record.
Related Content
- DLP default configuration settings
Define the default configuration settings for Data Loss Prevention Incident Response (DLP IR) incidents to identify and set up the incident notification and incident assignment preferences for your end users.
- Create end user lookup rules
You can create and configure end user lookup rules and assign the DLP incidents to the respective end users based on those rules.
- Create assignment rules
Use this section to create assignment rules. Then, assign the Data Loss Prevention Incident Response (DLP IR) incidents to user groups, end users, managers, or user from incident.
- Create incident consolidation rules
Create incident consolidation rule to consolidate multiple incidents of similar nature under one parent incident.
- Create response due date rules
Set up the response due date rules to determine the time you want to give your end users to respond to the assigned Data Loss Prevention Incident Response (DLP IR) incidents.
- Create Approval Rules
Create approval rules to take approval from various levels of approver users whenever an advanced type of response option is selected.
- Create user instructions templates
Create and manage user instructions template for DLP incidents to help the users understand the instructions involved incident resolution and the next steps involved in the resolution process.
- Create email templates
Create and manage the preconfigured email templates for sending notifications to your end users, user groups, or managers. With these templates, you can coach and communicate with your end users about the Data Loss Prevention Incident Response (DLP IR) incidents.
- Create a Data Loss Prevention Incident Response SLA trigger
Create a Data Loss Prevention Incident Response SLA trigger condition that enables a prompt and efficient response to an incident when triggered.
- Create a Data Loss Prevention Incident Response SLA definition
Create a Data Loss Prevention Incident Response SLA definition that outlines the conditions and duration for responding to data breaches. Establishing clear expectations and protocols helps ensure a swift response to incidents, minimizing potential damage and enhancing overall data protection strategies.
- Create assessments
Create and manage assessments to enable end users to respond to DLP incidents. You can use the assessments to gather information about the sensitive data exposed or leaked from the DLP incidents.
- Create incident response option rules
Create the incident response option rules that end user or analyst can use while responding to an incident.
- Create age chart configurations
Configure the age chart that appears in the Data Loss Prevention Incident Response (DLP IR) Ops portal. This chart shows the count of open incidents by the number of days.
- Create user delegate configurations
Prevent certain executives in the organization from receiving notifications about the incidents assigned or escalated to them.
- Create repeat offender identification rules
Create repeat offender identification rules to identify users who repeat the same issue multiple times.
- Create Additional Incident Data Fields
Create your Additional Incident Data Fields for the DLP incidents. You can create different types of Additional Incident Data Fields such as string, number, check box, choice, date and time, and use them in the DLP incident forms.
- DLP SLA Definition form
Field descriptions for the DLP SLA Definition form used to create an SLA record.
- Configure advanced settings
Configure the advanced settings so that you can determine the fields on the Incident for identifying the end users, among other capabilities.
- DLP Incident Access Restrictions
Manage the visibility of a particular DLP incident that contains sensitive information. You can use incident access restrictions to define who can access a particular DLP incident and restrict specific users or groups from accessing that incident.
- DLP Incidents Archival
The Data Loss Prevention Incident Response is provisioned with one archival rule in the base system for the DLP incident table. The related records are also added in the base system to the DLP incident archive rule.