Hello
I have created a basic policy group and applied endpoint server to it.
created policy - basic PCI & keyword based with a response rule - notify user
exception are configured to monitor all channles including SMTP,HTTP/S, WEB , REMOVABLE MEDIA etc.
endpoint agent configuration is used - the default one - and under that selected all channels. ( enabled channels )
I can see the agent in healthy state and have applied and updated agent config to endpoint server.
I still do not see any incident created at the endpoint ( traffic also shows no messages )
I can see processes are running on the endpoint and endpoint is also up and running but incidents would not get triggered.
have excluded files within SEP pertaining to DLP agent kvoop.exe and few others.
any suggestions to check ?