Target
This article is intended for administrators who are setting up and managing HENNGE Email DLP.
Purpose
This explains the columns (items) in the rule group setting file.
By using the setting file, you can register and update the settings of HENNGE Email DLP in bulk.
Please refer to the following article for how to create and import the setting file.
Creating import data (Setting file) for HENNGE Email DLP
Notes
1. The contents of this article are based on the product specifications as of May 2024 and may change without notice.
2. Administrator privileges for HENNGE Email DLP are required to check the actual screen and change settings.
For how to set up administrators, please refer to the following article.
Setup/ Change HENNGE Email DLP Administrators
3. The URL of the HENNGE Email DLP management screen varies depending on your tenant.
Access URL example: https://console.mo.hdems.com/#/admin/[Main Domain]
Content
- The file formats supported are YAML and JSON.
- The unique key is "name" (rule group name).
- In the case of "overwrite", the information associated with the above unique key will be completely overwritten.
If you want to modify only part of the rule, retain the necessary information on a filter basis.
Column | Description |
version |
Specify 1. (Fixed value) |
rule_groups |
Create rule groups specified in subsequent lines. |
name |
Specify the rule group name. |
description |
Specify the rule description. |
rules |
Create rules specified in subsequent lines. |
priority |
Set the rule priority. |
name |
Specify the rule name. |
action |
Create actions specified in subsequent lines. |
type |
Specify the type of action. ・send …Send |
attribute |
If type is send, delete, or request_approval, specify {}. |
auto_release |
Specify this item if type is suspend. |
visible_to_from_address_group |
Specify this item if type is suspend. |
duration |
If action type is suspend, specify the duration of suspension (minutes). |
encrypt |
If encrypting attachments, specify true. |
forwards |
Specify this item if adding BCC. |
envelope_to |
Specify the email address to add as BCC. ※ Up to 5 addresses can be specified. |
notifies |
Specify this item if notifying. |
type |
Specify the type of notification. ・notify_sender …Notify the sender ・notify_approver …Notify the receiver ※ If specifying both types, specify type for each notification type. |
predicate |
Specify the type of rule condition. ・and …Match all of the following conditions ・or …Match any of the following conditions ・all …All (no conditions specified) |
predicates |
Specify this item if the predicate value is and or or. |
target |
Specify the target for the rule condition. ・header:to:address …To: (Recipient) Email Address ・header:cc:address …Cc: Email Address ・header:tocc:address …To/Cc: (Recipient/Cc:) Email Address ・header:to:domain …To: (Recipient) Domain ・header:cc:domain …Cc: Domain ・header:tocc:domain …To/Cc: (Recipient/Cc:) Domain ・bcc…Bcc: Email Address ・header:subject …Subject: ・header:<any header name> …Any Header ・envelope:to …Envelope Recipient ・envelope:from …Envelope Sender ・body …Body (including attachments) ・attachment …Attachment |
predicate |
Specify the condition for the specified target. ・exist …Exists ・not-exist …Does not exist ・match …Matches regular expression ・not-match …Does not match regular expression ・exist-in-address-group …Exists in address group ・not-approver …Is not an approver ・header-exist …Exists ・header-not-exist …Does not exist ・attachment-exist …Exists ・attachment-not-exist …Does not exist ・filename-match …Match file name with regular expression ・content-type-match …Specify Content-Type ・all-password-protected-data …All are password protected ・has-password-protected-data …At least one is password protected ※ Refer to a separate table in this article for predicate values that can be set for each target. |
pattern |
Specify the pattern to detect in the rule condition if the predicate value is match, not-match, exist-in-address-group, not-approver, filename-match, or content-type-match. ※ If the predicate value is not-approver, specify the target address group. |
count |
Specify the number of times to match (or not match) the pattern in the rule condition. |
message_size |
Specify the size of the message to which the rule applies in kilobytes (KB). |
is_test |
Specify true if using test mode. ※ For details on test mode, refer to the following article. |
Appended Table: Predicate Values Configurable for Each Target
target | Configurable predicate values |
header:to:address |
・exist |
header:cc:address |
・exist |
header:tocc:address |
・exist |
header:to:domain |
・exist |
header:cc:domain |
・exist |
header:tocc:domain |
・exist |
bcc |
・exist |
header:subject |
・exist |
header:<any header name> |
・header-exist |
envelope:to |
・match |
envelope:from |
・match |
body |
・match |
attachment |
・attachment-exist |
Example of Creation
For an example of creating a setting file, please download and refer to the sample file from the "Rule Group Definition" section in the following article.
Sample HENNGE Email DLP Setting file for HENNGE Email DLP Import