Specifying global exclusion scope

You can specify a global exclusion scope for the File Threat Protection task. Files in the global exclusion scope are excluded from real-time protection scopes.

To create a global exclusion scope,

1. Save the File Threat Protection task settings to a file using the following command:

   kics-control --get-settings 1 --file <full path to the configuration file>

2. Add the [ExcludedFromScanScope.item_#] section to the created file. The [ExcludedFromScanScope.item_#] section contains the following parameters:
   • AreaMask – file name masks for files to be excluded from the protection scope.
   • AreaDesc – exclusion scope description, which contains additional information about the exclusion scope.
   • Path – path to the files or directories to be excluded from the protection scope.

     Example: [ExcludedFromScanScope.item_0000] AreaDesc= UseScanArea=Yes Path=/tmp/notchecked AreaMask.item_0000=*

3. Import settings from the configuration file to the File Threat Protection task by using the following command:

   kics-control --set-settings 1 --file <full path to the configuration file>

You can also manage exclusion scopes from the command line.

Page top