You mentioned a fake SSN, does it match the criteria of your policy? How fake is the number you are using? For testing I like to use the CEO of LifeLock's SSN (just google it) and that way you know it is a valid SSN and it is within the assigned range, etc.
Chance are your SSN is just not violating the policy in place and that might be all that is wrong. How narrow is the breadth of your policy?
Like I said earlier google the CEO of LifeLock for his actual SSN and then try your Endpoint Discover scan. If it doesn't generate then, I would try a support ticket like Ryan suggested