Supported editions for this feature: Frontline Standard ; Enterprise Standard and Enterprise Plus; Education Fundamentals, Education Standard, Teaching and Learning Upgrade, and Education Plus ; Enterprise Essentials Plus. Compare your edition
Drive DLP and Chat DLP are available to Cloud Identity Premium users who also have a Google Workspace license. For Drive DLP, the license must include the Drive log events .
You configure data loss prevention (DLP) rules to protect sensitive content. To keep DLP rules working to protect your content, make sure your DLP configuration settings stay within the following recommended size limits. Some of these limits are not enforced, but stay within the limits stated in this article. If you exceed these limits, your DLP rule might not work.
Drive DLP content limits
Content
Limit
Drive text content (with markup)
- 1 MB
- Any text beyond this limit is not scanned by DLP for Drive, and the text is truncated.
Number of files scanned within a zip file
1000
Chat and Chrome DLP content limits
Content | Limit |
---|---|
Chat message or web page content | 10 MB |
Number of files scanned within a zip file | 1000 |
Number of items detected per file | 10,000 |
Rule size limits
Rule attribute
Limit
Rule count maximum
1000
You cannot save any rules after exceeding this limit.
Rule description length
500 characters
Individual rule size
1.5 KB
This limit is accrued after you save the rule and it’s compiled by the system. If you reach this limit, you can’t save additional settings for the rule. For example, if you have a very large description or a long list of conditions, you can exceed this limit.
In general, you should not create very large rules. To avoid large rules:
- Use short rule descriptions.
- Use word lists where possible.
- Avoid using long lists of conditions.
All rule configuration settings: The size limit for all DLP rule configuration settings, such as the number of rules and the size of rule descriptions
2 MB
This 2 MB limit is the combined size of all DLP rule configuration settings, after you save them and they’re compiled by the system. Notwithstanding any of the limits above, if you reach this limit, you can’t save additional settings.
Detector size limits
Detector attribute
Limit
Detector count maximum
1000
Maximum total size of word list
60 KB
Word list phrase component length (continuous sequences containing only letters, only digits, only non-letter characters, or only non-digit characters)
40
Maximum number of words in a word list
950
Size of a regular expression
1,000 characters
Regex detector count and word list detector count maximums combined for all rules
Combined limit: 30
- Word list detectors maximum (used in all rules): 10
- Regex detectors maximum (used in all rules): 20
Note that the number word list and Regex detectors are combined and together cannot exceed 30 detectors.
Email address detector
40,000 entries
Detector size
Notwithstanding the other limits above, an individual detector may not be more than 2 MB.
Rule alert email recipient limits
10 recipients in DLP rule alert center action
If you need to notify more recipients:You can add groups as recipients instead of individual administrators. Learn how to create groups .
DLP for Gmail content limits
Content
Limit
- Content filters scan messages and attachments up to 1MB. Message contents and attachments are converted to a single file in a scannable format. Gmail scans the converted file. For converted files larger than 1MB, Gmail scans only the first 1MB of the converted file. Gmail doesn’t convert or scan files that are larger than 10MB.
- Content in the destination of URL links is not scanned.
- Files stored in Drive and linked to a message are subject to the DLP rules for Drive. Learn more about DLP for Drive .