[HELP] [DLP] How to know where an item is being used?


Badge +12
  • Netskope Partner
  • 21 replies

Hello everyone, merry Xmas to all of you 🙂

 

I would like to be able to know where an item is being used/assigned. e.g. a DLP File Profile, a DLP Entity, a DLP Rule, etc.

 

The only way I found is trying to delete the item. This will show an error message if the item is being used and will show a bunch of items using that item (I think it shows up to 15, if more you won't see them all).

This can do the trick if you are totally sure the item is being used somewhere. Otherwise, you take the risk of deleting the item since the confirmation is displayed BEFORE NS checks the item is being used. Performing the usage check BEFORE asking for confirmation would prevent to accidentally delete an item if it is not being used.

 

I hope you understand what I try to explain.

 

Of course, having a "USAGE" button next to every item to display the information would be the best. In fact, this feature would be useful for the whole solution, not only DLP.

 

Is this feature considered in the routemap?

Do you know any other way to get the usage information?

 

Thanks in advance! And happy new year!

Òscar


10 replies

Userlevel 6
Badge +16

Hello Oscar,

 

I will see if there is an existing roadmap item for this.  If not, I will create an enhancement request for a feature like this.  It would certainly be useful for administrators.  I'd suggest reaching out to your local Netskope partner (channel) Solutions Engineer and mention this thread for tracking in the future. 

Userlevel 5
Badge +16

@sshiflett Did you find an enhancent request?   "Where Used" should be common throughout the policy, not just within the DLP elements.

Like @oscar, I'm resorting to deleting to find where/if an element is used.   Fortunately, accidental deletion can be reverted by re-editing the element (but not through "revert changes") prior to applying.

Userlevel 6
Badge +16

@qyost I did not see an existing feature request.  I submitted one last week via our internal tracking system and I included the feedback that this should be universal to all policy objects not just DLP (categories, DLP profiles, network locations, policies, etc).  

Badge +12

Thanks @qyost  for the tip about reverting the deletion.

 

Unfortunately, it seems revertion is not possible with entities (advanced flag enabled), because they just disappear and cannot be recovered back. In fact, there is no commit/apply required when created a new entity or deleted an unused entity. I just validated this myself right before writing this post.

 

@sshiflett, I hope you can provide a response about the request.

 

Thanks in advance,

Òscar

Userlevel 5
Badge +16

Ooo! Thanks for the warning on those.  I'm used to seeing that no-apply-necessary behavior within the settings, didn't realize there were elements within the Policies that were immediately impacted without save. I'll keep an eye out for those and notify our DLP admins that some changes can't be directly reverted.   

Userlevel 5
Badge +16

Added us to the interested parties list?   
Or could you ping Ajay Ramachandran to do so?

Badge +12

Hello @qyost ,

you misunderstood me 🙂

I said there is no commit required when a new entity is created from scratch neither when an UNUSED entity is removed.

Just in case, I just tested reight before posting and validated Netskope DOES REQUIRE to apply changes if a currently used entity is modified. So there is no risk on that.

 

Kind regards,

Òscar

Userlevel 5
Badge +16

Thanks for the clarification.   I've struck out my prior comment.
Still somewhat unsettling that some deletions are effective without an apply.

Userlevel 6
Badge +16

@qyost I'm happy to reach out to Ajay to tie you to this enhancement request.  

 

@oscar Can you let me know who your engineer is or reach out to them so we can ensure this is tracked for you as well? 

Badge +12

Hello @sshiflett ,

I sent you a private message.

Thanks,

Òscar

Reply