![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 52%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAW%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Purview
A unified data governance solution that helps manage, protect, and discover data across your organization
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(16, 2%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMK%3C/text%3E%3C/svg%3E)
It looks like you’re diving deep into Microsoft Purview and want to utilize it for identifying and monitoring sensitive data on your on-premises file share. It’s great to hear that you’ve set up the Information Protection Scanner and are able to see file discovery events!
However, I understand that you’re not seeing DLP-related events or detections of sensitive information, and that can definitely be frustrating. Here are a few things to consider that might help you out:
Ensure that Data Sources are Registered: Make sure that your on-premises file share is properly registered with Microsoft Purview for data use management. This is necessary for DLP policies to effectively identify and monitor sensitive data.
Check Policy Publishing: Double-check if your DLP policy is published correctly. Policies remain in draft mode until published; ensure you have the necessary permissions to publish and that the policy is published to the right data sources.
Sensitivity Labels and Classification: Analyze if the data you’re looking for falls under any of the sensitivity labels or classification types you've set up. Verify that the labels are correctly associated with the data and are published to users who need access.
Explore Custom Classifications: If you have specific data types you want to identify, you can create custom classifications and rules. This would allow you to define exactly what sensitive data you want the scanner to track.
Scan Rule Configuration: Check if the scan rules are set up specifically to look for the sensitive information types that are relevant to your DLP policies.
Time for Enforcement: Sometimes there can be a delay in seeing DLP results after a scan. Depending on the type of DLP policy, it can take several hours to enforce after the scan.
If these suggestions don’t solve the issue, could you provide a bit more information? Here are some follow-up questions that might help clarify things:
- Have you confirmed that the on-premises data source is registered for data use management?
- Can you verify if the DLP policy is published and has the right permissions set up?
- Are you using any specific sensitivity labels or classifications that you expect to apply to the detected information?
- How are you currently configuring the scan rules in your Purview setup?
- Are there specific types of sensitive information you are trying to monitor?
Hope this helps, and I look forward to your response!