How to exclude Data Center Security (DCS) unwanted Intrusion Detection Event from being generated
Article ID: 424356
Updated On:
Products
Data Center Security Server Advanced
Issue/Introduction
The DCS Intrusion Detection Baseline Policy was applied, and you have observed a high number of file watch events being generated by a specific legitimate application.
Resolution
Each Intrusion Detection rule in the policy has an Ignore String section that allows to prevent event generation for unwanted criteria.
In the example below Intrusion Detection event for the file path defined will not be generated if it was triggered by the myapplication process, but detection exclusion can also be a specific username or file path.
LINUX
WINDOWS
Feedback
Yes
No
Powered by
