2018-03-14 01:36 PM
I have recent deployment of NW Malware appliance and it is picking up an unusually high number of High Confidence events. Some of the files it has detected are in-house custom scripts or applications. Is there a way to exclude these files from being analysed and therefore creating events?
2018-03-14 01:44 PM
if you create an app rule to flag those items as content=spectrum.filter then they should be removed from the processing pipeline
2018-03-14 05:25 PM
Thanks, seems so easy. Appreciate the response.