Supported editions for this feature: Frontline Standard and Frontline Plus; Enterprise Standard and Enterprise Plus; Education Fundamentals, Education Standard, and Education Plus; Enterprise Essentials Plus. Compare your edition
Drive DLP and Chat DLP are also available to Cloud Identity Premium users who also have a Google Workspace license (Enterprise, Business, or Education editions).
You configure data loss prevention (DLP) rules to protect sensitive content. To keep DLP rules working to protect your content, make sure your DLP configuration settings stay within the following recommended size limits. Some of these limits are not enforced, but stay within the limits stated in this article. If you exceed these limits, your DLP rule might not work.
Note: Before scanning content, analyze metadata (for example, source URL, file type, file size, and so on) for all files, regardless of size, to assess whether to terminate the scanning process early.
Google Chat DLP content limits
|
Content |
Limit |
|
Chat message and attachments |
Maximum file size is 50 MB Only the first 10 MB of extracted text is analyzed against DLP rules. |
|
Number of files scanned within a zip file |
1,000 |
|
Number of items detected per file |
10,000 |
Chrome browser DLP content limits
|
Content |
Limit |
|
File upload, download, print, paste |
Maximum file size is 50 MB Only the first 10 MB of extracted text is analyzed against DLP rules. Some file types aren't checked for sensitive data or malware, including password-protected files and files larger than 50 MB. Administrators can decide to automatically allow or block those files. |
|
Number of files scanned within a zip file |
1,000 |
|
Number of items detected per file |
10,000 |
|
Number of cells in a spreadsheet |
50,000 |
Google Drive DLP content limits
|
Content |
Limit |
|
Drive text content (with markup) |
Maximum file size is 50 MB Only the first 10 MB of extracted text is analyzed against DLP rules. DLP scans any file's content that it can extract. For native file types, content extraction has no size limit. For non-native file types, DLP supports content extraction for files up to 50 MB. |
|
Number of files scanned within a zip file |
1,000 |
|
Number of items detected per document or file |
10,000 |
Gmail DLP content limits
|
Content |
Limit |
|
Gmail message (including attachments) |
Content filters scan messages and attachments up to 25 MB. Only the first 10 MB of extracted text is analyzed against DLP rules. Message contents and attachments are converted to a single file in a scannable format. Gmail scans the converted file. For converted files such as CSV, the cell limit is 50,000. For nested files such as zip, the output is limited to 25 MB. Files stored in Drive and linked to a message are subject to the DLP rules for Drive. Learn more about DLP for Drive. |
Rule alert email recipient limits
| Maximum number of email recipients |
10 recipients in DLP rule alert center action If you need to notify more recipients: You can add groups as recipients instead of individual administrators. Learn how to create groups. |
Rule size limits
|
Rule attribute |
Limit |
|
Rule count maximum |
1,000 You cannot save any rules after exceeding this limit. |
|
Rule description length |
500 characters |
|
Individual rule size |
1.5 KB This limit is accrued after you save the rule and it’s compiled by the system. If you reach this limit, you can’t save additional settings for the rule. For example, if you have a very large description or a long list of conditions, you can exceed this limit. In general, you should not create very large rules. To avoid large rules:
|
|
All rule configuration settings: The size limit for all DLP rule configuration settings, such as the number of rules and the size of rule descriptions |
2 MB This 2 MB limit is the combined size of all DLP rule configuration settings, after you save them and they’re compiled by the system. Notwithstanding any of the limits above, if you reach this limit, you can’t save additional settings. |
Detector size limits
|
Detector attribute |
Limit |
|
Detector count maximum |
1,000 |
|
Maximum total size of word list |
60 KB |
|
Word list phrase component length (continuous sequences containing only letters, only digits, only non-letter characters, or only non-digit characters) |
40 |
|
Maximum number of words in a word list |
950 |
|
Size of a regular expression |
1,000 characters |
|
Regular expression detector count and word list detector count maximums combined for all rules |
Combined limit: 100
Note: The number word list and regular expression detectors are combined and together shouldn't exceed 100 detectors. If limits are exceeded, scan performance might be reduced. |
|
Email address detector |
40,000 entries |
|
Detector size |
Notwithstanding the other limits in this table, an individual detector can't be more than 2 MB. |