Creating exceptions from log events

You can create exceptions from log events for virus and spyware scans, SONAR, application control, and Tamper Protection.
You cannot create exceptions from log events for early launch anti-malware detections.
Exceptions and log types
Exception Type
Log Type
File
Risk log
Folder
Risk log
SONAR log
Known risk
Risk log
Extension
Risk log
Application
Risk log
SONAR log
Trusted Web domain
Risk log
SONAR log
Tamper Protection
Application Control log
DNS or host file change
SONAR log
Symantec Endpoint Protection
must have already detected the item for which you want to create an exception. When you use a log event to create an exception, you specify the Exceptions policy that should include the exception.
  1. To create exceptions from log events
  2. On the
    Monitors
    tab, click the
    Logs
    tab.
  3. In the
    Log type
    drop-down list, select the Risk log, SONAR log, or Application and Device Control log.
  4. If you selected Application and Device Control, select
    Application Control
    from the
    Log content
    list.
  5. Click
    View Log
    .
  6. Next to
    Time range
    , select the time interval to filter the log.
  7. Select the entry or entries for which you want to create an exception.
  8. Next to
    Action
    , select the type of exception that you want to create.
    The exception type that you select must be valid for the item or items that you selected.
  9. Click
    Apply
    or
    Start
    .
  10. In the dialog box, remove any items that you do not want to include in the exception.
  11. For security risks, check
    Log when the security risk is detected
    if you want
    Symantec Endpoint Protection
    to log the detection.
  12. Select all of the Exceptions policies that should use the exception.
  13. Click
    OK
    .