Import or create lists of exception criteria to exempt criteria matches from appearing in detection logs.
The Detection Exceptions tab in
Monitoring/Scanning displays a list of imported or custom exception
criteria. Connected Virtual Network Sensors and synced Deep Discovery Inspector appliances
scan
for and log unusual or suspicious network traffic. Detections that match exception
criteria are
not recorded in detection logs.
Exceptions are synced across all connected Virtual Network Sensors. Turn on Enable
central management of Deep Discovery Inspector resources to sync with connected Deep
Discovery Inspector appliances version 6.7 or later.
 |
ImportantBefore enabling central management of Deep Discovery Inspector resources, Trend Micro
recommends you export the Network Resources settings file in Deep Discovery Inspector
to backup
your systems settings.
|
The following table outlines actions available in the Detection
Exceptions tab.
|
Action
|
Description
|
||
|
Add new exception
|
Select the exception status, add an optional description, and configure the exception
criteria. One exception may contain up to 10 criteria. A detection must meet all criteria
to
be considered an exception.
To learn more, see Configuring Detection Exceptions.
|
||
|
Import exception list
|
You may import a list of exceptions from an external source.
|
||
|
Filter exceptions by status
|
View enabled, disabled, or all exceptions.
|
||
|
Edit exceptions
|
Change the exception status from enabled to disabled or modify the exception criteria.
|
||
|
Delete exceptions
|
Select the exception you wish to remove and click Delete.
|
 |
NoteAfter making any configuration or status changes in the Detection
Exceptions tab, click Save before leaving or any unsaved
changes will be discarded.
|