Merge pull request #4896 from MicrosoftDocs/main

m365-skilling-repo-management[bot] · web-flow · commit 9dd54bb2035a · 2025-09-01T14:32:53.000Z
[AutoPublish] main to live - 09/01 07:30 PDT | 09/01 20:00 IST
diff --git a/CloudAppSecurityDocs/data-protection-policies.md b/CloudAppSecurityDocs/data-protection-policies.md
@@ -1,7 +1,7 @@
 ---
 title: File policies
 description: This article describes the procedure for setting up a data policy to monitor and control the data and files in your organization's cloud app use.
-ms.date: 02/15/2023
+ms.date: 09/01/2025
 ms.topic: how-to
 ms.reviewer: MayaAbelson
 ---
@@ -84,12 +84,22 @@ To create a new file policy, follow this procedure:
 
     When content is matched against the selected expression, the violation text is replaced with "X" characters. By default, violations are masked and shown in their context displaying 100 characters before and after the violation. Numbers in the context of the expression are replaced with "#" characters and are never stored within Defender for Cloud Apps. You can select the option to **Unmask the last four characters of a violation** to unmask the last four characters of the violation itself. It's necessary to set which data types the regular expression searches: content, metadata and/or file name. By default it searches the content and the metadata.
 
-1. Choose the **Governance** actions you want Defender for Cloud Apps to take when a match is detected.
 
-1. Once you've created your policy, you can view it by filtering for the **File policy** type. You can always edit a policy, calibrate its filters, or change the automated actions. The policy is automatically enabled upon creation and starts scanning your cloud files immediately. Take extra care when you set governance actions, they could lead to irreversible loss of access permissions to your files. It's recommended to narrow down the filters to exactly represent the files that you wish to act upon, using multiple search fields. The narrower the filters, the better. For guidance, you can use the **Edit and preview results** button next to the filters.
+1. In the **Alerts** section, configure any of the following actions as needed:
+
+    - **Create an alert for each matching event with the policy's severity**
+    - **Send an alert as email**
+    - **Daily alert limit per policy**. Note that governance actions are not impacted by the daily alert limit.
+    - **Send alerts to Power Automate**
+    -
+1. Choose the **Governance** actions you want Defender for Cloud Apps to take when a match is detected. Be careful when you set governance actions, they could lead to irreversible loss of access permissions to your files.
+
+1. Once you've created your policy, you can view it by filtering for the **File policy** type. You can always edit a policy, calibrate its filters, or change the automated actions. The policy is automatically enabled upon creation and starts scanning your cloud files immediately.  We recommended narrowing down the filters using multiple search fields to get the files that you want to work with, . The narrower the filters, the better. You can use the **Edit and preview results** button next to the filters.
+
+:::image type="content" source="media/file-policy-edit-and-preview-results.png" alt-text="Screenshot that shows how you can see a preview of the filtered results for file policies.":::
+
+
 
-    ![File policy edit and preview results.](media/file-policy-edit-and-preview-results.png)
-   
 1. To view file policy matches, files that are suspected to violate the policy, go to **Policies** -> **Policy management**. Filter the results to display only the file policies using the **Type** filter at the top. For more information about the matches for each policy, under the **Count** column, select the number of **matches** for a policy. Alternatively, select the three dots at the end of the row for a policy and choose **View all matches**.  This opens the **File policy report**. Select the **Matching now** tab to see files that currently match the policy. Select the **History** tab to see a history back to up to six months of files that matched the policy.
 
 ## Limitations
diff --git a/CloudAppSecurityDocs/media/file-policy-edit-and-preview-results.png b/CloudAppSecurityDocs/media/file-policy-edit-and-preview-results.png
diff --git a/CloudAppSecurityDocs/user-activity-policies.md b/CloudAppSecurityDocs/user-activity-policies.md
@@ -51,6 +51,13 @@ To create a new activity policy, follow this procedure:
 1. Under **Create filters for the policy**, select when a policy violation will be triggered. Choose to trigger when a **Single activity** matches the filters or only when a specified number of **Repeated activities** are detected.
     - If you choose **Repeated activity**, you can set **In a single app**. This setting triggers a policy match only when the repeated activities occur in the same app. For example, five downloads in 30 minutes from Box trigger a policy match.
 
+1. In the **Alerts** section, configure any of the following actions as needed:
+
+    - **Create an alert for each matching event with the policy's severity**
+    - **Send an alert as email**
+    - **Daily alert limit per policy**. Note that governance actions are not impacted by the daily alert limit.
+    - **Send alerts to Power Automate**
+
 1. Configure the **Actions** that should be taken when a match is found.
 
 Take a look at these examples:
