How to release all quarantined emails at once in RSA Data Loss Prevention 9.6 and later versions
Originally Published: 2016-05-11
Article Number
Applies To
RSA Product/Service Type: Enterprise Manager / Network Interceptor
RSA Version/Condition: 9.6
Platform: Windows 2008 Server R2 Enterprise (64 bit)
Tasks
Resolution
- SSH to Network Interceptor with tablus account:
- Take a backup from the quarantine queue to any other location
-
cp /var/spool/mqueue-quarantine/* /home/tablus/mqueue-quarantine-backup
- move all the quarantine emails to the outgoing queue to be released and forwarded to your smarthost
mv /var/spool/mqueue-quarantine/* /var/spool/mqueue-out
- Login to RSA_DLP_EM Database, and execute the below query:
update E_ABSTRACT_EVENT_ACTION set action_type='release' where action_type='quarantine'
The above query will change all the incidents that were quarantined action to "release" status in Enterprise Manager.
Related Articles
Endpoint Agents Certificate Renewal Pending error in RSA Data Loss Prevention 9.6 and later Number of Views Control and limit the size of the event uploaded from the endpoint in RSA Data Loss Prevention 9.6 and later Number of Views How to scan end-users home network-mapped folder in RSA Data Loss Prevention 9.6 and later Number of Views Enabling Secure LDAP (LDAPS) between an RSA Data Loss Prevention Enterprise Manager server and an LDAP server Number of Views Endpoint installation failed with the Error 1901 in RSA Data Loss Prevention version 9.6 and later Number of Views
Trending Articles
How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide How to Download OTP Token Seed Files from myRSA Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU
Don't see what you're looking for?
