Netskope Help

Slack Messages with Violations Page

The messages with violations page provide a high-level overview on the status as well as stats of message exposure, violations, and channel types. You can search for messages that may violate corporate policy.

Tip

You can refresh the page by clicking the refresh icon beside the instance name of the app.

The page contains a table showing sent at, sender, exposure, policy hit, message ID, and sender type information.

The page allows you to search for specific users and messages using filters. To use the search filters, click the filter icon to apply one or more of these filters:

  • Sender Name: Find messages owned by a specific user.

  • Channel Name: Find messages in a specific channel.

  • Message ID: Find messages based on the Netskope-defined message ID, which is a combination the Slack channel ID and the Slack message timestamp.

    You can also search for information by clicking the + sign to use these predefined filters:

  • Exposure: Find messages based on their exposure like Public, Private, Externally Shared, and Internally Shared.

  • Sender Type: Find messages based on the user type like Internal User or External User.

  • Channel Type: Find messages based on whether the channel used is public, private, or direct messaging.

  • Team: Find messages associated with a specific team. This filter only appears for Slack for Enterprise.

  • DLP Policy Hit: Find messages that hit a DLP policy.

  • DLP Profile: Find messages that may have critical information like PCI, PII, PHI, or any DLP profile.

  • DLP Rule: Find messages that violate predefined and custom data identifiers in your profiles.

Based on the filter used, a list of messages is displayed in the messages with violations table. To view complete details about a message, click on an item to open the message details summary.

This page also allows you to export the contents of the messages with violations table. Click EXPORT to download a spreadsheet file.