New-DlpSensitiveInformationType
This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the New-DlpSensitiveInformationType cmdlet to create sensitive information type rules that use document fingerprints.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
New-DlpSensitiveInformationType
[[-Name] <String>]
[-Fingerprints <MultiValuedProperty>]
[-Confirm]
[-Description <String>]
[-FileData <Byte[]>]
[-IsExact <Boolean>]
[-Locale <CultureInfo>]
[-ThresholdConfig <PswsHashtable>]
[-WhatIf]
[<CommonParameters>] Description
Sensitive information type rule packages are used by data loss prevention (DLP) to detect sensitive content in messages.
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
$Employee_Template = [System.IO.File]::ReadAllBytes('C:\My Documents\Contoso Employee Template.docx')
$Employee_Fingerprint = New-DlpFingerprint -FileData $Employee_Template -Description "Contoso Employee Template"
$Customer_Template = [System.IO.File]::ReadAllBytes('D:\Data\Contoso Customer Template.docx')
$Customer_Fingerprint = New-DlpFingerprint -FileData $Customer_Template -Description "Contoso Customer Template"
New-DlpSensitiveInformationType -Name "Contoso Employee-Customer Confidential" -Fingerprints $Employee_Fingerprint[0],$Customer_Fingerprint[0] -Description "Message contains Contoso employee or customer information."This example creates a new sensitive information type rule named "Contoso Employee-Customer Confidential" that uses the document fingerprints of the files C:\My Documents\Contoso Employee Template.docx and D:\Data\Contoso Customer Template.docx.
Parameters
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Description
The Description parameter specifies a description for the sensitive information type rule.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-FileData
{{ Fill FileData Description }}
| Type: | Byte[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Fingerprints
The Fingerprints parameter specifies the byte-encoded files to use as document fingerprints. You can use multiple document fingerprints separated by commas. For instructions on how to import documents to use as templates for fingerprints, see New-Fingerprint or the Examples section.
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-IsExact
{{ Fill IsExact Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Locale
The Locale parameter specifies the language that's associated with the sensitive information type rule.
Valid input for this parameter is a supported culture code value from the Microsoft .NET Framework CultureInfo class. For example, da-DK for Danish or ja-JP for Japanese. For more information, see CultureInfo Class.
You can add additional language translations to the sensitive information type rule by using the Set-DlpSensitiveInformationType cmdlet.
| Type: | CultureInfo |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Name
The Name parameter specifies a name for the sensitive information type rule. The value must be less than 256 characters.
The value of this parameter is used in the Policy Tip that's presented to users in Outlook on the web.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ThresholdConfig
{{ Fill ThresholdConfig Description }}
| Type: | PswsHashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-WhatIf
The WhatIf switch doesn't work in Security & Compliance PowerShell.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |