To optimize the File Threat Protection task, you can exclude from scans any files being copied from network directories. Files are scanned only after the process of copying to a local directory is finished. To exclude files located in network directories from scans, configure scan exclusion for the utility used to copy files from network directories (for example, for the cp
utility).
To configure exclusion of network directories from scans:
kics-control --get-settings 1 --file <
full path to the configuration file
>
[ExcludedForProgram.item_#]
section to the created file. The section contains the following settings:ProgramPath
– path to the process to be excluded or to the directory with the processes to be excluded.ApplyToDescendants
parameter indicates whether the scan should exclude child processes of the excluded process specified by the ProgramPath
parameter (possible values: Yes
or No
).AreaDesc
– a description of the process exclusion scope, which contains additional information about the exclusion scope.UseExcludedForProgram
parameter indicates whether the scan task should exclude the specified scope (possible values: Yes
or No
).Path
– path to the files or directory with files modified by the process.AreaMask.item_#
– file name mask for files to be excluded from the scan scope. You can also specify the full path to the file.Example:
|
kics-control --set-settings 1 --file <
full path to the configuration file
>
The application does not scan the files in network directories, but the cp
command itself (for the example given above) and local files are scanned.