Exclusions
Scan exclusions allow for the bypassing of items based on type and item name. The screenshot below demonstrates the exclusion of the following IIS Servers.
- DEMO-SRV01
- DEMO-SRV02
- DEMO-SRV03
- DEMO-SRV04
Wildcards
Wildcards can be used at the start of end of an item name - for example DEMO-SRV* will exclude any item whose name starts with DEMO-SRV. Entering a value of * will exclude all items of that type.
Remove all exclusions
Clicking remove all exclusions will remove all exclusions configured for all item types in this scan profile
Detection Support
Exclusions are applied regardless of how the item was assigned including
- Manually entered in a scan list
- Detected automatically from a search task (for example Active Directory Search or Network Device Search)
- Detected during the scan of another item (for example Windows Machine Scan Task)
Logging Output
When an item is bypassed this is written to the diagnostics trace log. The message format is as follows.
Bypassing adding a new 'Item Type' scan task for target 'Target Name' as this target is configured as an exclusion in the scan profile.
Active Directory Search
Please note that when using the Active Directory Search if using the Use Fully Qualified Domain Names setting you must use this naming format for the exclusions for example
demo-srv01.demonstration.int or
demo-srv01.*