Fortinet black logo

Online Help

Compliance Policy - Regex Configuration

Copy Link
Copy Doc ID df548089-ec91-11ee-8c42-fa163e15d75b:823099

Compliance Policy - Regex Configuration

Introduction

Regex or Regular Expression is a set of pattern matching rules used in search for specific data patterns in files located in the cloud accounts.

Here are some common search queries and the corresponding Regex:

Search Queries Regex
Specific Extension .*.(txt|pdf|doc|docx|xls|xlsx)$
Folder .*\/cucumber\/.*
File Name .*ssn.*
All Path .*

Example on using Regex search queries

PCI - Track all cardholder data access

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Go to Policy > Compliance, then select PCI-DSS tab.
  3. Go to PCI - Track all cardholder data access and click > to expand the policy.
  4. Click on Enabled toggle switch button to enable the policy.
  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. Note: this policy generates both alert in Alert page and data in Compliance Report.

  7. In File Path Regex, enter .*.(txt|pdf|doc|docx|xls|xlsx)$ to track all files with extensions in txt, pdf, doc, docx, xls, and xlsx.
  8. In Data Patterns, click on the field and select DLP SSN, DLP Visa Credit Card, and DLP JCB to be monitored.
  9. Click Save Changes to finish.

Now all files with extensions in txt, pdf, doc, docx, xls, and xlsx will look for the presences of Social Security, Visa Credit card, and JCB card numbers.

Compliance Policy - Regex Configuration

Introduction

Regex or Regular Expression is a set of pattern matching rules used in search for specific data patterns in files located in the cloud accounts.

Here are some common search queries and the corresponding Regex:

Search Queries Regex
Specific Extension .*.(txt|pdf|doc|docx|xls|xlsx)$
Folder .*\/cucumber\/.*
File Name .*ssn.*
All Path .*

Example on using Regex search queries

PCI - Track all cardholder data access

Follow the steps below to enable and configure the policy

  1. Click on any Cloud Account drop down menu from FortiCASB dashboard, e.g. Salesforce, Office365, etc.
  2. Go to Policy > Compliance, then select PCI-DSS tab.
  3. Go to PCI - Track all cardholder data access and click > to expand the policy.
  4. Click on Enabled toggle switch button to enable the policy.
  5. Click on Severity level drop down menu to select the severity level (Critical, Alert, Warning, Information).
  6. Note: this policy generates both alert in Alert page and data in Compliance Report.

  7. In File Path Regex, enter .*.(txt|pdf|doc|docx|xls|xlsx)$ to track all files with extensions in txt, pdf, doc, docx, xls, and xlsx.
  8. In Data Patterns, click on the field and select DLP SSN, DLP Visa Credit Card, and DLP JCB to be monitored.
  9. Click Save Changes to finish.

Now all files with extensions in txt, pdf, doc, docx, xls, and xlsx will look for the presences of Social Security, Visa Credit card, and JCB card numbers.