Hello Keval,
Just some tips to get you started...
If your policy is capable to detect incidents probably you are just missing to activate the correct channels in the Agent Configuration.
First go to System/Agents/ Agent Configuration and select the configuration you are using. Then confirm that you have selected all Web channels (Firefox, Chrome, etc.).
Secondly, for non-native supported DLP applications that might be used to send e-mail (e.g. mozilla thunderbird) you will need to add them manually in the Application Monitoring list. And then activate the Application File Access in the Agent config channels (as done in first step).
Don’t forget to add the AFA as detection as well.. and to allocate response rules to the detection.
Regards,
Morgado