Overview
EndPointSecurity logs all access attempts to controlled devices, even if the access was made by an application and not triggered by a user. This may cause certain applications to create a lot of unnecessary logging.
Process
To exclude specific events from being logged, perform the following steps:
Note: Make a backup of toolcfg_loggingSettings.xml before making any changes.
- Go to the EndPointSecurity installation folder.
- Open ..\Data\toolcfg_loggingSettings.xml with a text editor.
- Add new filters according to the instructions included at the top of the file. For example, to exclude events logged by myapp.exe add the following filter:
<Filter>
<Line field="Application" operatorId="5" value="myapp.exe" />
</Filter> - Save changes to the file.
- Update the agents for the changes to be applied.