Using the DiscoveryIncidentProcessing module
To make it easier to write remediation scripts for common use cases, Forcepoint DLP includes a helper Python module that performs some common tasks with the incident data XML file. The
module:
- Is named Discovery Incident Processing
- Can be easily imported into your Python code
- Is not required
Administrators can instead write their own XML parsing routines.
Note: The DiscoveryIncidentProcessing module cannot be used on endpoints with impersonation.
The DiscoveryIncidentProcessing module includes the routines described in the following sections.