Skip to main content

Hello Community!

I would like to apply a custom DLP rule to my existing ones. I have created a regex which is working fine in other sites (such as regex101) but I am struggling to apply it in Netskope. Can anyone please help me to translate it to Netskope's "grammar"?

Here is the regex: 


^.(?=.*[!£@#$%^&+=])(?=.{11,}$).*$
(any characters, at least 1 special character, more than 10 chars)

Any help would be highly appreciated.

Short answer is  (.*[!£@#$%^&+=])(.{10,}).* will work. Netskope doesn't support anything with (? in it. Also, it's not good practice to use ^ or $ in our RegEx as it's typically designed for form validation.


Thanks for the input!
If I separate the two and test it one by one it works, otherwise it does not.  I attach a screenshot. It says the regex is valid, and it supposed to pick up the first 3 as a match.
Any more advise would be highly appreciated.

 


Hi, @PatrikAdarma.  Welcome and thanks for asking your question in the community.  🙂


 


@jason can you help @PatrikAdarma with the second part of his question?  


 


If Jason answers your question satisfactorily, could you please come back and select the button "Accept as Solution."  This will help others easily find the accepted solution in future searches.


 


Thanks for contributing to the success of the Netskope Community.



Best,


JulieB


This should trigger on 11 characters or more. It was missing A-Za-z.

([!£@#$%^&+=A-Za-z])(.{10,}).*

 


Thank you for your reply!

Unfortunately, this is still not a solution for my question. I would like to have 2 conditions to be met in the regex:
(Minimum 11 characters AND it has to include at least 1 special character) 
--> ((!£@#$%^&+=A-Za-z])(.{10,}).* <-- this is matching those ones which are more than 11 characters long but no special character included. (please see attached screenshot)

Is there any way to satisfy these conditions or do you know any other alternative?

Regards,
Patrik

 


Apologies. I didn't check for a negative. I believe that the only way to do this, since we don't support forward and reverse lookups, would be to leverage a new feature called Entity Modifiers. It's only available currently via a backend flag. You can request it be enabled via your SE or Customer Success Manager. This new feature allows for you to use "Begins with", "Does not begin with", Filters, and RegEx validators. Basically you can split the two RegExes into a primary "(.{10,}).*" and then use the validator to add a second check for "[!£@#$%^&+=]. I've requested it to be enabled on my tenant, so I can't test it just yet, but I do have a screenshot of what it will look like, attached.

 


Thanks Jason. I contacted our SE for approval. 

Regards,
Patrik


Hi Jason.
Thanks for the info regarding Entity Modifiers. This feature is very useful.
Unfortunately, when I try to create a new rule, it does not let me save it if there is a .* in the regex. Which is required to be able to detect the special character in a string.
Do you have any advise? 

Regards,
Patrik


Patrik,


Apologies for the delay in my response. I got Entity Modifiers enabled in my tenant and realized that you can't use an inclusive RegEx as a second validator. We do have "begins with", "does not begin with", "ends with", "does not end with", and "does not contain", but we don't have a "contains" which makes this difficult. It's been filed as an enhancement request for now. I attempted to use "does not contain" but I still was not able to come up with a negative for checking, (W|D|S) didn't work. I'll keep trying, but at the moment, I don't have a solution. 


No problem Jason! Thank you for your support, I really appreciate it. 

Regards,
Patrik


Reply