Symantec Data Loss (DLP) Endpoint Agents do not generate incidents for policies you have configured with a custom data identifier.
01/01/2013 12:00:00 | 1234 | INFO | MessageLogger | MESSAGETYPE_DETECTION_RESULT MESSAGESOURCE_DETECTION 01/01/2013 12:00:00 [req#123 FAILURE <\b> is not a valid letter for index no incidents]
The custom data identifier contains an invalid regular expression element.
The DLP custom data identifier language uses a subset of the regular expression command set. Not all valid regex elements are supported. Note that the exact text in the log varies, however, the portion of the log entry following "req#nnn FAILURE" indicates the issue. In this log example, the character that is enclosed in angle brackets, <b>, is the expression element that is invalid.
To resolve the problem, check all custom data identifiers that are used in your policies. Ensure that you remove anything causing the error or is unsupported.
For additional information refer to the following articles: