Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Viewing Incidents and Reports > Viewing the incident list > Tuning policies > Excluding source from rules
Excluding source from rules
Administrator Help | Forcepoint DLP | Version 8.7.x
This option is for custom data loss prevention policies only. You cannot exclude source from an email or Web data loss prevention policy.
When you select this option, a dialog box lists the rules that were breached for the selected incident. You can exclude the incident source from the rules if desired.
For example, if the source of the incident was John Doe, you can exclude John Doe from the rule in the future.
Select the rule or rules from which you want to exclude the incident source. The source is listed in the incident table in the Source column.
You can return the source to the rule later if necessary. Do this by selecting the rule in the policy management tree view, clicking Edit, and navigating to the Source tab.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Viewing Incidents and Reports > Viewing the incident list > Tuning policies > Excluding source from rules
Copyright 2020 Forcepoint. All rights reserved.