Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Grouping users to create a report within Data Loss Prevention

Created: 18 Jun 2013 | 2 comments

I would like to create a report to monitor a specific 300 users within my organization. My thought is to create a User Group from the Directory server. Does anyone know another way this task would work best with?

Thanks in advance.

Operating Systems:

Comments 2 CommentsJump to latest comment

pete_4u2002's picture

creating DGM is easier one when you want polciies to be applied for specific group of users based on sender recipient.

 

stephane.fichet's picture

Hi JK

 

 If it is to create a policy dedicated to this group of user, i agree with pete DGM is easier and faster.

 If it is only for reporting, you can use filters in DLP reports. So you can add a filter on sender is any of <list of your users> and then you will have only incident generated by this group. If you want to summerize all type of incident (network, endpoint, and discover, and mobile) generated by this users, you will have to process DLP incident in an other tool as (for now) this risk view does not exist in the tool. When customers want this kind of risk reports, i perform some incident extract (csv or xml depending of the information expected in the final report) and then process them with some script.

 

 Regards.