In this example, symantec.com still generates incidents.
The following is an example of domain filters
Domain Filter := <Domain Filter Entry> [,<Domain Filter Entry>] Domain Filter Entry := {*|{-|+}<metadata value>}
You cannot use ports in the inclusions nor exclusions.
An invalid character in the domain filter list.
A question mark, "?", at the end of one of the domains in the list.
All domains after that invalid character are not parsed.
Removed the invalid character from the domain list.
After which, all the domains that are listed in the "Filter by Network Properties" get properly parsed. No incidents were created for the excluded domains.
Note: We do not monitor or exclude ports separately. You cannot add www.symantec.com:9900 or similar entries.