[ES] Directory whitelist not effective due to missing trailing \
Problem Description
A directory whitelist is configured on ES, but testing shows that the whitelist does not take effect.
Alarm Information
After whitelisting, files in the corresponding directory were still detected during the scan, indicating that the whitelist did not take effect, as shown in the figure below.
Solution
- Check the configuration and confirm whether the configured directory is missing its trailing backslash, i.e. the configuration should be:
E:\\Users\\Administrator\\Desktop\\test\\ instead of E:\\Users\\Administrator\\Desktop\\test. When adding a directory, if the entry does not end with a \, it is treated as a file by default. For example, the configuration shown is treated as whitelisting the file test under E:\\Users\\Administrator\\Desktop\\, so the directory whitelist does not take effect.
- After the configuration is modified, the whitelist test works as expected, as shown in the following figure:

Note: This issue applies both when adding a directory to the whitelist in the policy center of lower versions and when adding a directory to the whitelist in the exclusion policy of higher versions.
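The matching rule described above can be modelled to audit an exclusion list before deploying it. This is an added example, not Sangfor's code; the function names, the case-insensitive comparison and the "no file extension" heuristic are assumptions, and the sample paths are constructed from the ones on this page.

```python
# Model of the rule described on this page (assumption: not the product's code):
# an entry ending with a backslash is a directory, anything else is a single file.
SEP = "\\"

def is_excluded(entry: str, scanned: str) -> bool:
    """Return True if the scanned path is covered by the whitelist entry."""
    e, s = entry.lower(), scanned.lower()  # assumption: case-insensitive compare
    if e.endswith(SEP):
        return s.startswith(e)             # directory entry: prefix match
    return s == e                          # file entry: exact match only

def audit(entries):
    """Flag entries that look like directories but would be treated as files:
    no trailing backslash and no extension in the last path component."""
    suspicious = []
    for entry in entries:
        if entry.endswith(SEP):
            continue
        last = entry.rsplit(SEP, 1)[-1]
        if "." not in last:
            suspicious.append(entry)
    return suspicious

# Constructed sample data based on the paths in this article.
BROKEN = "E:\\Users\\Administrator\\Desktop\\test"
FIXED = "E:\\Users\\Administrator\\Desktop\\test\\"
SAMPLE = "E:\\Users\\Administrator\\Desktop\\test\\sample.exe"

if __name__ == "__main__":
    for entry in (BROKEN, FIXED):
        state = "excluded" if is_excluded(entry, SAMPLE) else "still scanned"
        print(f"{entry} -> {state}")
    print("review:", audit([BROKEN, FIXED, "D:\\tools\\agent.exe"]))
```

An entry flagged by `audit` is not necessarily wrong, since extensionless files exist; it is a prompt to confirm whether a directory was intended.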
Original Link
https://support.sangfor.com.cn/cases/list?product_id=16&type=1&category_id=2862&isOpen=true