Data loss prevention policy violations
This shows all the emails that have violated email Data Loss Prevention (DLP) policies.
This option is only available with an Email Advanced license.
Go to Logs & Reports > Reports > Data loss prevention policy violations.
For help with email DLP policies, see Data Loss Prevention policy.
If you have domains connected with Sophos Gateway and Sophos Mailflow, click Type to select which one to view.
Select the time period for which you want to view details of policy violations. Details for the last 30 days are shown by default.
You can see the following information:
- Direction: You can choose to view all processed emails, all inbound or all outbound.
- Category: You can filter the report by the type of information affected, for example financial information (FI).
- Action: You can filter the report by the action taken.
You can also click Create Phish Threat campaign to create training for your users. See Phish Threat.
This option is only available with a Sophos Phish Threat license.
The users who have been logged by the data loss prevention policies for the date range you have selected are automatically included in the campaign. You can also add and remove users manually.