Overview

EndPointSecurity logs all access attempts to controlled devices, even if the access was made by an application and not triggered by a user. This may cause certain applications to create a lot of unnecessary logging.

Process

To exclude specific events from being logged, perform the following steps:

Note: Make a backup of toolcfg_loggingSettings.xml before making any changes.

1. Go to the EndPointSecurity installation folder.
2. Open ..\Data\toolcfg_loggingSettings.xml with a text editor.
3. Add new filters according to the instructions included at the top of the file. For example, to exclude events logged by myapp.exe add the following filter:

    <Filter>
   
    <Line field="Application" operatorId="5" value="myapp.exe" />
   
    </Filter>

4. Save changes to the file.
5. Update the agents for the changes to be applied.