It will reach to DB through the Remote Agent Handler.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!
I have tested in one of our client, the incidents are able reach to EPO server through Agent handler but unable to download the incidents to view in incident list.
Which is throughing error " the evidence is not available"
Hi @kranthi.k ,
Thank you for writing in here.
The error which you have mentioned is "evidence file not available" , this could be because the DLP Endpoint Console is showing as Not connected to Corporate Network and the DLP Incident Information in the DLP Incident Manager will show the connectivity state as Offline.
When the DLP Endpoint console shows "Not Connected to Corporate Network", and when DLP generates Incidents , these Incidents can be parsed to your EPO via the DMZ Agent handler, however if DLP Endpoint console shows not connected to corporate network, the Evidence files stays with the client machine itself.
These evidence files will be uploaded to the evidence share folder only when the the DLP Endpoint console shows "Connected to Corporate Network", to see when it can connect to corporate network and when it cannot, you would need to check the "Corporate Connectivity" settings under Windows Client Configuration policy assigned to this client machine from EPO.
For more possible scenarios, kindly have a view on the below kb,
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: