You can add to exclusions only TAA (IOA) rules made by Kaspersky. If you do not want to apply a user-defined TAA (IOA) rule for scanning events, you can disable that rule or delete it.
To add a TAA (IOA) rule to exclusions from the Alerts section:
This opens the table of alerts.
The table displays alerts generated by the TAA technology based on TAA (IOA) rules.
This opens a window containing information about the alert.
This opens a window that allows you to add the TAA (IOA) rule to exclusions.
The TAA (IOA) rule is added to exclusions and is displayed in the exclusion list in the Settings section, Exclusions subsection on the TAA exclusions tab in the program web interface. This rule is no longer used for creating alerts.
To add a TAA (IOA) rule to exclusions from the Threat Hunting section:
This opens the event search form.
The table of events that satisfy the search criteria is displayed.
This opens a window containing information about the rule.
This opens a window that allows you to add the TAA (IOA) rule to exclusions.
The TAA (IOA) rule is added to exclusions and is displayed in the exclusion list in the Settings section, Exclusions subsection on the TAA exclusions tab in the program web interface. This rule is no longer applied when scanning events.
Users with the Security auditor and Security officer roles cannot add TAA (IOA) rules to exclusions.