KB Article | Forcepoint Support
Support
  1. Home
  2. Knowledgebase

Excluding A Directory From Forcepoint DLP Discovery

  • Article Number: 000003061
  • Products: Data Security, Forcepoint DLP, Forcepoint DLP Endpoint, Forcepoint One Endpoint, TRITON AP-DATA, TRITON AP-ENDPOINT DLP
  • Version: 8.7, 8.6, 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8
  • Last Published Date: June 17, 2020

Notes & Warnings

Note that the exclusion will only exempt the specified path(s) from being analyzed by the DLP Crawler or Endpoint, but the overall structure of the locations specified under Scanned Folders will still be checked. In the case of Endpoint Discovery, the entire machine would still be scanned with the task's filters applied.

Problem Description

How do I exclude a specific sub-directory of a share that is being scanned by a Discovery task?

Resolution

Directories can be added in the file type exceptions options for specific discovery jobs. For instance, if you want to exclude files in a quarantined directory named "quarantine," you would add the following exception: *\quarantine\* . The asterisks allow for wildcard matches on either side of the directory, so it will exclude all sub directories of this folder for all hosts that are being scanned as part of that job. It is also important that you use backslashes rather than a regular slash because the crawler is supplying the path to the files in a UNC format. Having the backslashes will also prevent any false matches for files or directories that contain "quarantine" as part of a longer name.

Follow the steps below to get to the File Filters for your relevant version:

Versions 8.2 and higher:

  1. Open the Forcepoint Security Manager and go to the Data module
  2. Choose either Network or Endpoint Task under Main > Policy Management > Discovery Policies
  3. Select an existing discovery job and then click Edit
  4. Go down to the File Filtering options and enable Filter by Type
  5. Add the directory intended to be excluded in the aforementioned format in the Except: text box
  6. Click OK
  7. Deploy Settings

Versions 7.5.x-7.7:

  1. Open the Triton Security Manager and go to the Data module
  2. Choose either Network or Endpoint Task under the Data Discovery Tasks menu
  3. Select an existing discovery job and then click Edit
  4. Go down to the File Filtering options and enable Filter by Type
  5. Add the directory intended to be excluded in the aforementioned format in the Except: text box
  6. Click OK
  7. Deploy Settings

 Versions 7.0.x and 7.1.x

  1. Open the Websense Management Console
  2. Select Discovery on the left pane of the console window
  3. Right click on a discovery task and then click Edit
  4. Select the File Filter tab
  5. Add the directory intended to be excluded in the aforementioned format in the Except: text box
  6. Click OK
  7. Deploy Policy



Keywords: Data DLP Network Discovery; Endpoint Discovery; Forcepoint ONE Endpoint; DLP Endpoint; File System Discovery; Management Console; Shared Folders; File Path Exclusion; DLP Sensitive Information Scan Issue

Article Feedback



Thank you for the feedback and comments.

Want 24/7 Tech Support?

Learn more