Use this screen (Resources > Remediation Scripts) to define an external script to run when various breaches are discovered.
Note: If you have Websense Web Security Gateway Anywhere, this section does not apply to you.
Warning: To avoid degrading system performance, it is highly recommended you consult with Technical Support before adding a remediation script.
There are 3 types of remediation scripts:
Endpoint Script - used for endpoint incidents. When a breach is discovered on an endpoint, this script is run automatically. Because the script is run on an endpoint device, it should have minimal CPU and disk space requirements. In addition, it should not assume the endpoint computer is part of the network.
Incident Management Script - this script is not executed automatically. To activate this script, open an incident under Main > Reporting > Data Loss Prevention > Incidents, then click Remediate > Run Remediation Script on the menu bar and select which script to run on that incident.
Policy Script - used for data loss prevention and discovery incidents. When a breach is discovered on a usage or discovery transaction, this script is run automatically. Because it’s associated with the network server, it can be larger and more demanding of CPU resources, and it can be based on other tools in network.
All 3 of these commands are configured the same way. For policy scripts, however, you’ll notice 2 tabs: Windows and Linux. This enables you to add separate commands for Windows and Linux operating environments.
Click View Complete Document for more.