Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload & Download Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Exclude configuration
An exclusion list is used to exempt certain trusted entities or trivial or unwanted files from being audited. Configuring an exclusion list also saves storage space, since audit logs are not generated for the excluded entities. Consequently, entities in exclusion lists will not be listed in reports and will also not trigger alerts.
Some of the entities that you can choose to exclude from auditing:
- Trusted users and administrators
- Processes like antivirus or file backup services
- Temporary or non-critical file types
- Computer accounts
- Files in a specific location
Only administrative technician accounts can view and modify the exclusion list. To view the configured exclusion lists:
- Select File Audit from the application drop-down.
- Go to Configuration > General Settings > Exclude Configuration.
- Here, you will see the Global Exclusion and Server-Specific Exclusion tabs.
A) Global exclusions
When an entity is added to the Global Exclusion list, it will be exempted from auditing across all configured servers.
To edit the Global Exclusion list:
- Select File Audit from the application drop-down.
- Go to Configuration > General Settings > Exclude Configuration > Global Exclusion.
- Click the + next to the Applied Servers field.
- In the Select Servers pop-up, pick the servers in which you wish to apply the Global Exclusion conditions and click Select.
- In the Conditions section, add the entities you wish to exempt from auditing using the available criteria. Click + to add a condition and x to delete a condition.
- Click Save, then click OK.
For example, if you want to exclude events generated by your antivirus software, set the exclusion conditions as:
User Object = In = NONE
Action = In = Read
File Type = In = NONE
Process Name = Equals = C:\Program Files\AV Endpoint Security\av.exe
B) Server-specific exclusions
When an entity is added to the Server-Specific Exclusion list, that entity is exempted from auditing only in that particular server. To edit the exclusion criteria applied to a configured server:
- Select File Audit from the application drop-down.
- Go to Configuration > General Settings > Exclude Configuration.
- Choose the target server from the Selected Server field.
- The Conditions section displays the exclusion criteria applied locally in that server, as well as the conditions inherited from the Global Exclusion list.
- To exclude more entities than in the conditions inherited from the global exclusions, use the available criteria. Click + to add a condition and x to delete a condition.
- To delete one entity within a condition, click the corresponding field to view all the entities in that condition. Click the delete icon next to the entity you wish to remove from the exclusion list.
- Click Save, then click OK.
For example, say the Global Exclusion list is:
User Object = In = NONE
Action = In = NONE
File Type = In = tmp, thm
If you want to additionally exempt auditing Modify actions in the location of a backup in Server01:
- Select Server01 from the Selected Server field.
- Set the server-specific conditions as:
- Click Save, then click OK.
User Object = In = NONE
Action = In = Modify
Local Path = Starts With = C:\Program Files\DataSecurity Plus\Backup
Process Name = Equals = C:\Program Files \Backup Solution\bp.exe
The corresponding entities will be excluded from auditing in Server01 alone.