Example 4. Excluded registry modifications

To exclude registry modification events from telemetry, open the EDR telemetry exclusions window on the Excluded registry changes tab and add a registry key.

Kaspersky Endpoint Security combines rule triggering criteria with a logical AND.

If an application frequently modifies its registry values and you want to exclude these registry modification events from telemetry, add the registry key and the executable file of the application to telemetry exclusions.

Specify the settings as follows:

Page top