I looked through DLP docs and it seems only rule/action we can create for a policy is if it detects a violation. Is there a way to trigger an action if a scan is negative?
Requirement:
I have a filesystem that I want to scan. If scan is negative for a file (i.e. no malicious content found), then I want to move the file to a staging directory for further processing.
If, on the other hand, the scan is positive, leave ithe file where it is, and send email/open INC ticket etc.
I think the second part is doable, but is the first part doable?