Skip to main content

DLP Regex Advanced Filter regex case-sensitive settings

  • October 24, 2022
  • 5 replies
  • 197 views
oscar
Netskope Partner
Forum|alt.badge.img+12

Hi all, thanks for reading.

 

I'm using Entity advanced filter options to remove false positives caused by a regex.

The problem I'm observing is it seems the case-sensitive option set in the upper part of the config dialog does not apply to the regex defined as filters.

 

** Please check the attached picture as a dummy example of the issue I'm facing.

Attached Example: The entity is set as case-sensitive. The filter is supposed to exclude any string not starting by 3 lower-case letters ([a-z]{3}). The observed behaviour is excluding strings not starting by 3 letters ([a-zA-Z]{3}) though, like it was case-insensitive (ignoring the setting above).

 

Could you please confirm the regex defined as filters are hardcoded as case-insensitive?
If so, is it planned to change this behaviour?

 

Thanks in advance,

Òscar

1 Attachments
Rohit_Bhaskar
This topic has been closed for replies.

5 replies

jason
Netskope Employee
Forum|alt.badge.img+11
  • jason
  • Netskope Employee
  • October 25, 2022

I'm not aware of any case sensitive/insensitive limitations, but I'm checking with ENG to see.

Regards,Jason SheffieldSE OpsNorth Americajason@netskope.com
oscar
oscar
Netskope Partner
Forum|alt.badge.img+12
  • oscar
  • Author
  • Netskope Partner
  • November 9, 2022

Hello @jason , I hope you are well.

 

Were you able to get confirmation about it? I need to differentiate between upper and lower case letters but I don't know how to make it.

 

Thanks in advance,

Òscar

oscar
Netskope Partner
Forum|alt.badge.img+12
  • oscar
  • Author
  • Netskope Partner
  • April 28, 2023

@jason Just for the record. Limitation confirmed. An ER has been registered for this. Thanks.

N
Forum|alt.badge.img+12
  • nduda
  • Explorer
  • September 26, 2023

Followin up on this post. Can we get confirmation if the Advanced Options configuration applies when validating regex. I can't get this validated  using that process. Has anyone got this to actually work? (Do not start with regex)

oscar
Netskope Partner
Forum|alt.badge.img+12
  • oscar
  • Author
  • Netskope Partner
  • September 26, 2023

Hi @nduda ,

AFAIK, advanced filters are not considered by the embedded regex validator.

I had to use advanced filters several times and always end validating by testing the whole thing in a DLP policy (smtp or upload), is actually quite fast testing things like this. If you have a test or preproduction environment, I'd go for that. If you need to set several filters (regexes), I'd go one by one, adding, testing, validating, and so on.

 

If I can help you, let me know.

 

Regards,

Òscar

Badges Winner

Show all badges

Not finding what you're looking for?

Don't be shy and let us know about your challenge.

Ask your question here!
Terms & ConditionsCookie settingsAccessibility statement