Data Loss Prevention

Hello,

I am planning on scanning a huge file share and want to filter items based on certain file extensions like - *.dll,*.exe,*.sql, including some folders (which I would like to scan as a separate scan). I could successfully use the "Server File System (tab) -> Scanned Content -> Exclude Filters" to a certain extent. This field cannot take more than 1024 charecters and I have more file extensions and directories to exlucde. Upon digging the Admin guide, apparently there is way to create a new directory called "excludeFiles" and include a file with the same name as the target and have all the exlcude filters. I followed the manual instructions and copied all the files listed in the exclude filters section of the GUI on the server file and it doesnt seem to filter. To start with I tried to exclude a directory with \abcd\*, *\abcd\*, *abcd*,\\myshare\abcd\*, \myshare\abcd\*, including replacing \ with /. Can someone guide me the right syntax?

Note - I created the file on both the enforce server and the network discoverer at /opt/Vontu/Protect/config/exculeFiles/myshare.txt, where \\myshare is the file share, and also the scan name.

Thanks.

I'd check:

- file permissions check if the file you created has 755 as minimum
- the filename has to be exact the same as the server to be scanned, you may want to try changing the name to an IP address, that may shed some light.

hope this helps

I just experienced the same dilemna - k0r3 is correct, the filename on the detect server has to be named exactly the same as the server you are targetting in your scan 

HOWEVER, after working with Symantec is was determined that a copy of this file has to be on EVERY detect server and the folders you want to exclude have to be fully qualified, meaning "servername\vol\folder\netbackup". No wildcards \*netbackup*\

I've since asked for an enhancement so that you can point a scan to a flatfile for exclusion lists, similar to how you can point it to a flatfile for sharelists.

J