Syntax for including or excluding directories when scanning a Fileshare
Last Updated December 28, 2018
You want to know how to filter directories when scanning a Fileshare using include and exclude filters.
To exclude a directory when scanning a share:
Go to the Discover target and the scanned content tab
Under the exclude filters field enter in the directory you would like to filter
For example, if you did not want to scan a directory called "SymantecDLP", write the exclusion like this: */SymantecDLP/*
Another example is if you want to include only the files in two subdirectories of the file share, one called "documentation" and the other called "specs", you would enter:
Subdirectory Filtering Behavior
Here is an example of how the filter would work:
and the directory tree
How many directories should be scanned? One or two? Current behavior is to scan two.
For performance reasons, you may sometimes wish to limit the tree that is crawled. For example, limit it so that the scan would crawl "root/scanme" and not search the rest of the tree for other "scanme" directories. To accomplish this, create an include filter:
(without the leading *). This will be interpreted as a path relative to the share root, and only directories beneath "root/scanme" will be crawled. It is possible to specify multiple share root-relative include filters, and only the union of their subdirectories will be crawled. But if any non-share root-relative include filter is specified, the entire tree must be covered, and the optimization is lost.