Data Loss Prevention

I have installed DLP, server and agent are communicating well, I have created few policies and have applied them on agents, 
ex. "block source code sharing" and agent shows pop up if someone tries to violet policy. But at the server side I am getting
"Corrupted incident received" with error message code 1802. This is a fresh installation so database is having full space.
I can see incidents coming to \incidents folder with .idc extension but then it gets renamed to .bad file, that eventually means 
incidents are not getting inserted into oracle database. So I am not able to view any incident in enforce server console.

hello

 This can be caused by lot of components to be analyzed like an archive file which contains more than thousand files. You can try to increase paramater named max.component.per.message to a higher value (default is 1000). this parameter solved sometimes this issue for network monitors so if it does not match may be there is an other parameter which can solve your issue.

 regards.

can you please tell me how to increase this value? 

A workaround is to increase this parameter to accommodate messages with more than 1000 components.

On the Enforce server, in /Vontu/Protect/config modify the IncidentPersister.properties and increase the following parameter:

# max.component.per.message is the maximum number of message components in an incident
max.component.per.message=1000

Increase this to a higher number that will let the incident persister process incidents. 

However, this change can result in Out of Memory (Java) and process time out issues.

If there are OOM or time out issues, the Java Heap space for the Vontu Incident Persister may need to be doubled.

Check the JVM memory properties in /Vontu/Protect/config/VontuIncidentPersister.conf.

Double the following parameters:

# Initial Java Heap Size (in MB)
wrapper.java.initmemory=XXXX
# Maximum Java Heap Size (in MB)
wrapper.java.maxmemory=YYYY

Where XXXX and YYYY are double the previous values.