Filter out company domain in Reports
The default reporting of Symantec DLP includes the actual domain our company is using 'pg.com'. I've tried using the filters and summarization for the custom report, but what would happen is it filters out all incidents that contain the 'pg.com' domain even if the incident also has another external domain (i.e. incident is gmail.com, pg.com, the entire incident is filtered out including the domain gmail.com). I've tried filtering via 'Domain contains any of' and typing all existing domains, but from a maintenance stand point, it doesnt seem sustainable, as i will need to add the new domains every time a new one comes in.
Any ideas on how to do this?