Configure new detection exceptions to prevent detections that match specified criteria from appearing in detection logs.
The Detection Exceptions tab
displays all custom or imported exceptions and the corresponding criteria. Create
new
exceptions to prevent Network Sensor detections that match the exception criteria
from
appearing in detection logs.
Procedure
- Click Add.
- In Add Exceptions, select whether to enable or disable the new exception.
- Add an optional description for the exception.
- Specify the criteria for the exception.
- Select the desired exception criteria type from the drop-down list.
- Select the desired operator to set the conditions for matching the
criteria.
-
Contains: The detection must partially match the specified criteria values.
-
Equals: The detection must exactly match the specified criteria values.
-
Ends with: The detection must end with the specified criteria values.
-
- Enter the desired criteria value.
Note
Values are not case sensitive. Use hyphens (-) for ranges, and press ENTER or TAB to separate multiple values.
- Click + to add additional exception criteria.
Note
A single exception may include no more than 10 criteria. - Click Add to add the new exception to the detection
exceptions list.
Note
The detection exception list can contain no more than 1,000 exceptions. - Click Save to save changes to the detection exceptions list.