cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

DLP Incident Task 'Purge Incidents'

We have to save Incidents and evidences for two years, but DLP Incident Task 'Purge Incidents' will delete part of it. What could you suggest? Is it possible extend this limit more than 5,000,000? Or are there some possibilities to archive events and when needed access them with ability also get (decrypt) proper evidences? Thanks.
1 Reply
McAfee Employee Mreaden
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: DLP Incident Task 'Purge Incidents'

User58872222,

There is no mechanism in place to increase the limit passed 5,000,000 incidents. However, exported incidents using Case Management could be an option. 

For example, go to Incident Manager and select the desired incidents to add to a Case. 

 

clipboard_image_0.png

Once Case is created, go to DLP Case Management under Data Protection. Select the Case ID, click actions, then Export Selected Cases. 

clipboard_image_1.png

 

The exported .zip file contains a separate folder for each case. Each case folder contains matching incident sub-folders with details. 

You have the option to add the decrypted evidence files and match-string files to each incident ID supbfolder, Add a CSV file with incidents list information, or Add a CSV file with details about each evidence file. 

 

Thanks

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community