6.4 Watermark files

Nowadays, data leak becomes more and more popular, once the data went outside the organization, there is no way to track who caused the leak. Adding watermark to sensitive data is one of the solutions.

Supported File Types

  • JPEG

  • TIFF

  • PNG

  • GIF

  • PDF

To set watermark

  • Policies > Workflow rules > "Workflow name" > Proactive DLP


The "TEXT WATERMARK" field supports the following variables:

  • ${user}: Username who submitted file (if any), we have this info on database but haven't exposed yet

  • ${client_ip}: Client IP address (version 4) where the file submission comes from

  • ${filetime|epoch} : Unix/Epoch timestamp (e.g. 1561729083296) of file submission time

  • ${filetime|full} : Full format timestamp of file submission time (28 06 2019 01:38:03 PM UTC)

  • ${filetime|short} : Short format timestamp (e.g. 28/06/2019) of file submission time

  • ${dataid} - this string identifies a file processing and can be used to retrieve results of processing

  • ${original.basename} - name of the file to be processed, without file extension

  • ${original.extension} - extension of the file to be processed

  • ${converted.extension} - extension based on the target file type, for now, it is the same as ${original.extension}

From MetaDefender Core 4.16.3, you can define variables in metadata in the process file api and retrieve them for the "TEXT WATERMARK". For example:
metadata: {"client_ip":"","user_name":"john"}
TEXT WATERMARK: ${ client_ip }_${ user_name}

Sample output