Specifying an exclusion scope

You can specify an exclusion scope for the File Threat Protection task. Files in the exclusion scope are excluded from protection scopes.

To create an exclusion scope:

  1. Save the File Threat Protection task settings to a file using the following command:

    kics-control --get-settings 1 --file <full path to the configuration file>

  2. Add the [ExcludedFromScanScope.item_#] section to the created file. The section contains the following settings:
    • AreaDesc – a description of the exclusion scope, which contains additional information about the exclusion scope.
    • Path – the path to the files or directories to be excluded from the protection scope.
    • AreaMask.item_# – file name mask for files to be excluded from the protection scope.

      Example:

      [ExcludedFromScanScope.item_0000]

      AreaDesc=

      UseScanArea=Yes

      Path=/tmp/notchecked

      AreaMask.item_0000=*

  3. Import settings from the configuration file to the File Threat Protection task by using the following command:

    kics-control --set-settings 1 --file <full path to the configuration file>

You can also manage exclusion scopes from the command line.

Page top