Control Manager (TMCM) / Apex Central receives logs from OfficeScan (OSCE) Data Loss Prevention under Directories > Users/Endpoints > [User] > Threats. It should show the Data Loss Prevention Incidents. However, checking the Data Loss Prevention Incident Investigation widget may either show an incorrect data or an error message stating "No permission to view data".
The report shown by Control Manager's/Apex Central's DLP Incident Widget may vary in numbers. To improve the accuracy of the report, change the scope of the report.
- On the Control Manager dashboard, go to DLP Incident Investigation.
- Navigate to Incident by Users > Widget Settings.
- Click Scope.
- Select Direct Managed Users or All Managed Users.
To resolve the issue of no permission, configure the user to be in one of the roles mentioned below.
- On the Control Manager dashboard, navigate to Administration > Account Management.
- Click User Roles.
- Assign one of the following roles as the DLP Incident Investigation is designed for the users under these roles:
- DLP Compliance Officer
- DLP Incident Reviewer
- Log off and log in using the said account.