Cisco Cisco Email Security Appliance C650 Guía Del Usuario

15-38

Cisco AsyncOS 8.0 for Email User Guide

Chapter 15 Data Loss Prevention

Showing or Hiding Sensitive DLP Data in Message Tracking

Both RSA Email DLP and RSA Enterprise Manager deployments offer the option to log the content that
violates your DLP policies, along with the surrounding content, which can then be viewed in Message
Tracking. This content may include sensitive data such as credit card numbers and social security
numbers. You can opt not to log this content.

Before You Begin

Enable Message Tracking. See

Chapter 26, “Tracking Messages.”

Procedure

Step 1

Select Security Services > RSA Email DLP.

Step 2

Click Edit Settings.

Step 3

Submit and commit your changes.

$remoteip

Replaced by the IP address of the system that sent the message to
the Cisco appliance.

$recvlistener

Replaced by the nickname of the listener that received the
message.

$dropped_filenames

Same as

$filenames

, but displays list of dropped files.

$dropped_filename

Returns only the most recently dropped filename.

$recvint

Replaced by the nickname of the interface that received the
message.

$timestamp

Replaced by the current time and date, as would be found in the
Received: line of an email message, in the local time zone.

$Time

Replaced by the current time, in the local time zone.

$orgid

Replaced by the SenderBase Organization ID (an integer value).

$enveloperecipients

Replaced by all Envelope Recipients (Envelope To, <RCPT TO>)
of the message.

$dropped_filetypes

Same as

$filetypes

, but displays list of dropped file types.

$dropped_filetype

Returns only the file type of the most recently dropped file.

Variable Substituted

With

Do This

Include sensitive content in Message Tracking.

Select the Enable Matched Content Logging
check box.

Hide sensitive content from Message Tracking.

Deselect the Enable Matched Content Logging
check box.