cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
amy
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 1 of 1

DLP endpoint discovery scan

We have local discovery scans set up with scheduled scan to scan local user drive.  Scans run, when we look at incident manager some show Incident Type as Discovery Summary with 1 or 2 files under evidence, File system scan report and File System scan failures.

Others show Incident Type as File System Discovery with details such as evidence name, file size, short match string

Question is why do some report one way and some do not?  All have same policy assigned

A difference I see between the two is that in incident manager under the Rules Tab, the systems reporting Discovery Summary show nothing, they do show, under the classifications  tab the classifications in the rule set. 

The ones reporting File System Discovery show the Rule Set name and classifications under the tabs...

 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community