Have already opened a SR, but it's not going well so far. Perhaps someone here will have insight!
I've installed two on-prem scanners, which are communicating fine with Azure and the repository. Feel confident the scanner job is configured correctly to work with DLP policy. Enforce = On.
We are doing a very simple test with a DLP policy (configured in Purview) that looks for files with certain sensitivity labels. No action configured, it just emails admin and me. I made sure that the scanner service account is in the scope for the published information protection label policy. Also made sure a few Word documents were out there with the right sensitivity labels checked. The AIP SuperUser role has not been enabled.
This error appears in the scanner log:
Warn 2023-02-01 10:27:32.8691 MSIP.Scanner MSIP.Scanner (11824) Rule: <DLP Policy Rule> contains unsupported action <domain\service account> 7 "Microsoft.InformationProtection.Scanner.ScannerService+<StartScanning>d__42.MoveNext
Any insight is greatly appreciated!