Data Loss Prevention

  • 1.  Unable to view incidents in DLP console

    Posted May 09, 2014 02:05 AM

    I have set up a DLP server on one machine and a DLP agent on another machine. I set up a few policies from the server, and those policies are working properly on the agent. For example, one of the policies is to "block source code sharing", so whenever I try to copy source code from the agent machine, it doesn't allow me; it blocks it.

    But I am not able to see these events/incidents in DLP console.

    On what port do DLP agents send events/incidents? The server machine might be blocking that port.

    blockSourceCodeSharing_0.png

     

    noIncidents.png



  • 2.  RE: Unable to view incidents in DLP console

    Trusted Advisor
    Posted May 12, 2014 02:18 AM

    Hello,

    I think this is related to your other post about a corrupted incident.

    If an incident arrived at Enforce (even as corrupted), it means communication works fine. Do you use the same crypto key on all detection servers?

    Regards.
     



  • 3.  RE: Unable to view incidents in DLP console

    Broadcom Employee
    Posted May 14, 2014 07:30 PM

    Is your is.ead file growing larger than 9k? This is located in /Program Files/Manufacturer/Endpoint Agent/is.ead. If the file is growing, then that means incidents are detected but are not able to get to Enforce. Perhaps there is a firewall between Endpoint Server and Endpoint Agent? Communication occurs on port 8000 of the Endpoint Server and is bi-directional. Make sure the agent is able to receive a persistent connection.
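
The two checks suggested in the reply above can be scripted on the agent machine. This is an added example, not part of the thread and not vendor tooling. The `C:` drive letter, the server host name, and the 60-second sampling window are assumptions; the file path, port 8000, and the 9k threshold come from the post.

```powershell
param(
    # Path from the post; the C: drive letter is an assumption.
    [string]$QueueFile = 'C:\Program Files\Manufacturer\Endpoint Agent\is.ead',
    # Placeholder host name for the Endpoint Server (not from the thread).
    [string]$EndpointServer = 'endpoint-server.example.internal',
    [int]$Port = 8000,             # port named in the post
    [int]$SampleSeconds = 60,      # assumed observation window
    [long]$BaselineBytes = 9KB     # "9k" threshold named in the post
)

function Get-QueueSize([string]$Path) {
    # Fail loudly if the path is wrong rather than reporting a size of 0.
    if (-not (Test-Path -LiteralPath $Path)) { throw "Not found: $Path" }
    (Get-Item -LiteralPath $Path -Force).Length
}

# Sample the file twice to see whether it grows while policies are triggering.
$first = Get-QueueSize $QueueFile
Start-Sleep -Seconds $SampleSeconds
$second = Get-QueueSize $QueueFile

# One-off TCP connect from the agent to the Endpoint Server port.
$tcp = Test-NetConnection -ComputerName $EndpointServer -Port $Port `
    -WarningAction SilentlyContinue

$result = [pscustomobject]@{
    QueueBytesStart = $first
    QueueBytesEnd   = $second
    AboveBaseline   = $second -gt $BaselineBytes
    Growing         = $second -gt $first
    TcpReachable    = $tcp.TcpTestSucceeded
}
$result | Format-List

if ($result.AboveBaseline -and -not $result.TcpReachable) {
    'Incidents are queued locally and the port is unreachable: check firewalls between the agent and the Endpoint Server.'
} elseif ($result.AboveBaseline) {
    # A single successful connect does not prove the persistent,
    # bi-directional connection the post asks for.
    'Incidents are queued although a TCP connect succeeded: check whether the connection is kept open.'
} else {
    'Queue file is not above the baseline: the condition described in the post is not present.'
}
```

Trigger a policy violation on the agent during the sampling window so that a growing file is actually observable.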