Exception Rules Tokens

Click to view navigation pane

Exception Rules Tokens

Use the following tokens in the Exception Rules tab under the Configuration tab:

exception.reasonexception.reason

Use the text value to select the reason to flag the unwanted events generated by non-malicious program. The exception reasons flag are, False Positive, Hide, and Risk Accepted.

Example

Show False Positive events.

exception.reason: False Positive

exception.statusexception.status

Use the text value to select the rules that are actively suppressing the events. Enabled and Disabled are the status for this token.

Example

Show Enabled events.

exception.status: Enabled

exception.titleexception.title

Use the text value to mention the exception title used while creating exception.

Example

Show the events with the following Exception Title:

exception.title: Test Suppression