Excluding A Directory From Forcepoint DLP Discovery
- Article Number: 000003061
- Products: Data Security, Forcepoint DLP, Forcepoint DLP Endpoint, Forcepoint One Endpoint, TRITON AP-DATA, TRITON AP-ENDPOINT DLP
- Version: 8.7, 8.6, 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8
- Last Published Date: June 17, 2020
Notes & Warnings
Note that the exclusion will only exempt the specified path(s) from being analyzed by the DLP Crawler or Endpoint, but the overall structure of the locations specified under Scanned Folders will still be checked. In the case of Endpoint Discovery, the entire machine would still be scanned with the task's filters applied.
How do I exclude a specific sub-directory of a share that is being scanned by a Discovery task?
Directories can be added in the file type exceptions options for specific discovery jobs. For instance, if you want to exclude files in a quarantined directory named "quarantine," you would add the following exception: *\quarantine\* . The asterisks allow for wildcard matches on either side of the directory, so it will exclude all sub directories of this folder for all hosts that are being scanned as part of that job. It is also important that you use backslashes rather than a regular slash because the crawler is supplying the path to the files in a UNC format. Having the backslashes will also prevent any false matches for files or directories that contain "quarantine" as part of a longer name.
Follow the steps below to get to the File Filters for your relevant version:
Versions 8.2 and higher:
Versions 7.0.x and 7.1.x
Keywords: Data DLP Network Discovery; Endpoint Discovery; Forcepoint ONE Endpoint; DLP Endpoint; File System Discovery; Management Console; Shared Folders; File Path Exclusion; DLP Sensitive Information Scan Issue