Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create Advanced Pattern Exceptions using Import CSV

  1. Last updated
  2. Save as PDF

You can now import a CSV file to exclude regular expressions (regex) or keywords from DLP matching in custom advanced patterns. This capability provides an efficient and scalable method for defining exceptions, drastically reducing the occurrence of false positives in DLP matching.

Key Benefits 

  • Efficiency and Accuracy. Reduces the time and effort required for manual entry of large volumes of regex patterns or keywords, minimizing human errors and ensuring a more accurate, comprehensive, and reliable set of exceptions.
  • Simplified Management. Enables administrators to efficiently maintain a robust, finely tuned DLP system with minimal manual intervention, enhancing overall security posture and operational efficiency.

Use Case on Advanced Pattern Exception for IPV4 addresses

Suppose you have a single regular expression designed to block or monitor traffic from all IPv4 addresses matching a broad pattern such as all addresses within a specific subnet or entire IPv4 range. However, you want to exclude a large list of trusted IP addresses (for example, a thousand known safe IPs) from this blocking or monitoring rule. By using the Import Advanced Pattern Exception capability, you can provide a CSV file containing these 1000 trusted IP addresses, ensuring they are exempt from being blocked or monitored. Without applying this exception, the regex would match all IPs, including the trusted ones, resulting in false positives.

Import Regex or Keywords from CSV File

To access the Import.csv option:

  1. Go to Policies > DLP Policies > Classification > Create Classification > Advanced Pattern > New.
  2. Enter a name and optional description for your custom Advanced Pattern.
  3. In the Regular Expressions tab, enter Keywords or Regular Expressions.
  4. Go to the Exceptions tab, click the three-dot menu, and click Import. csv.

    clipboard_e754e0c1bcb4156c784fd4b31553a071c.png
     
  5. Upload the desired CSV file containing regular expressions or keywords from your system. Make sure the CSV file adheres to a specific format for successful import. For details, see CSV File Format
  6. On the Importing Exceptions dialog, click Import.

    clipboard_ea17ee5f966669d9ea4d385f7f8666052.png


Your Regular Expressions and keywords have been imported to the Exceptions tab successfully.

NOTE: Exception entries must match the regular expression pattern exactly. For instance, if a regex identifies a 5-digit number, exceptions will only apply to 5-digit numbers. If you add an exception with a 4-digit number such as '1234', it will not work. However, '1234\d' will successfully exclude numbers ranging from 12340 to 12349. Make sure to include exceptions that are relevant to the regex pattern.

  1. To save your Advanced Pattern on the Classification page, click Save. 

    clipboard_e0d00267a62ef835bd648cfe98f7c3ecf.png

Your custom advanced pattern is saved to the selected category in the Classifications list. Add the classification to your DLP policies as needed.​​​​​

CSV File Format for Successful Import

For the bulk import to function correctly and seamlessly, the CSV file must adhere to a specific format. The header row must contain two precise column names.  The column names must be in lowercase and case sensitive.

  • phrase. In this column, add the keyword or regular expression you want to use as an exception.
  • type. In this column, specify whether the entry in the type column is a keyword or a regex. This must be in lowercase and case sensitive.

For a successful import, accurate classification is essential for the system to process the entries correctly. Any incorrect entries will not be added to the exceptions list.

Examples for CSV File Structure

To provide a clear understanding of the required CSV format, consider the following examples:

Example for Importing Keywords

When importing keywords, your CSV file should be structured as follows:

phrase,type
Confidential,keyword
Internal Use Only,keyword
Proprietary,keyword

In this example, each line after the header row represents a distinct keyword that will be added as a phrase for exception. The type column consistently identifies these entries as keyword.

Example for Importing Regular Expressions (Regex)

When importing regular expressions, the CSV file structure is as follows:

phrase,type
\b\d{3}-\d{2}-\d{4}\b,regex
"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b",regex 
NOTE: The second regex is enclosed in double quotes because it contains a comma.

Here, each line provides a specific regular expression designed to match particular patterns (e.g., social security numbers or email addresses), and the type column correctly designates them as regex.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    How-to
  2. Tags
    1. TOPIC ID 290