Exception Rules Tokens
Use the following tokens in the Exception Rules tab under the Configuration tab:
exception.reasonexception.reason
Use the text value to select the reason to flag the unwanted events generated by non-malicious program. The exception reasons flag are, False Positive, Hide, and Risk Accepted.
Example
Show False Positive events.
exception.reason: False Positive
exception.statusexception.status
Use the text value to select the rules that are actively suppressing the events. Enabled and Disabled are the status for this token.
Example
Show Enabled events.
exception.status: Enabled
exception.titleexception.title
Use the text value to mention the exception title used while creating exception.
Example
Show the events with the following Exception Title:
exception.title: Test Suppression