You can add or delete an exclusion scope with a specified Path
for OAS, ODS, OAFIM, ODFIM, and AntiCryptor tasks from the command line.
To add a new exclusion scope, execute the following command:
kics-control --set-settings <task
ID>|<task
>|<
task name
> --add-exclusion <
path
>
In order to optimize the operation of scan tasks, it is recommended to add the path with snapshots mounted by the system in the read-only mode to the exclusions for the systems with the btrfs file system and enabled active snapshots. For example, for the systems based on SUSE/OpenSUSE, you can add the following exclusion for the path: /.snapshots/*/snapshot/
.
A new [ExcludedFromScanScope.item_#]
section will be added to the configuration file. The application will exclude objects in the directory specified by the Path
setting from scans.
If an [ExcludedFromScanScope.item_#]
section already exists for the specified Path
setting, a duplicate section will not be added to the configuration file. If the UseScanArea
setting is set to No
its value will change to Yes
after this command is executed and the objects located in this directory will be excluded from scans.
To delete an exclusion scope, execute the following command:
kics-control --set-settings <task
ID>|<task
>|<
task name
> --del-exclusion <
path
>
The [ExcludedFromScanScope.item_#]
section that contains the specified path is deleted from the task configuration file. The application will not exclude objects in the directory specified by the Path
setting from scans.