Go Up
You are here: AdministrationAdditional ConfigurationExclude Objects from Monitoring ScopeSharePoint Monitoring Scope

Exclude Data from SharePoint Monitoring Scope

You can fine-tune Netwrix Auditor by specifying data that you want to exclude from the SharePoint monitoring scope.

To exclude data from SharePoint monitoring scope

  1. Navigate to the %ProgramData%\Netwrix Auditor\Netwrix Auditor for SharePoint\Configuration\ folder and locate your monitoring plan.

    NOTE: If you have several monitoring plans for monitoring SharePoint farms, configure omitlists for each monitoring plan separately.

  2. Edit the *.txt files, based on the following guidelines:

    • Each entry must be a separate line.
    • A wildcard (*) is supported, except for omiteventloglist.txt.
    • Lines that start with the # sign are treated as comments and are ignored.
File Description Syntax

omiteventloglist.txt

Contains a list of event IDs to be excluded from the Netwrix Auditor System Health event log.

event ID

For example:

1001

NOTE: Only add known error or warning events, otherwise you may lose important data.

omitscreadaccesslist.txt

Contains a list of site collections for which the product will not monitor read access attempts.

http(s)://URL

NOTE: Enter the root web site URLs.

If you have alternate access mapping configured in your SharePoint farm, and one web application has different URLs for different zones, you can use any of these URLs to specify a child site collection.

For example:

http://sharepointsrv:3333/

omitscstorelist.txt

Contains a list of site collections to be excluded from audit data collection.

http(s)://URL

NOTE: Enter the root web site URLs.

If you have alternate access mapping configured in your SharePoint farm, and one web application has different URLs for different zones, you can use any of these URLs to specify a child site collection.

For example:

https://siteColl*

omitsitscstorelist.txt Lists site collections to exclude from being monitored and reported in state-in-time report.
http(s)://URL

NOTE: Enter root web site URLs.

If you have alternate access mapping configured in your SharePoint farm, and one web application has different URLs for different zones, you can use any of these URLs to specify a child site collection.

You can use a wildcard (*) to replace any number of characters.

Examples:

http://siteCollection1:3333/
https://siteColl*

omitsitstorelist.txt

Contains SharePoint lists and list items that you want to exclude from being audited.

URI Reference

NOTE: URI Reference does not include site collection URL. For example, to exclude the list item with URL http://sitecollection/list/document.docx, specify only "list/document.docx" instead of full URL.

Wildcard (*) is supported to replace any number of characters.

Examples:

*list/document.docx
*/_catalogs/*
*/_vti_inf.html
*/Style Library*
*/SitePages*

omituserviewstorelist.txt

Contains a list of user or service accounts to be excluded from read access monitoring.

Login name

For example:

SHAREPOINT\System

omitviewstorelist.txt

Contains lists and list items to be excluded from being monitored for read access.

URI Reference 

NOTE: Only specify URI reference to a list or list item without https:\\<siteCollection_name> part.

For example:

*list/document.docx

omitwastorelist.txt

Contains a list of web applications to be excluded from audit data collection.

http(s)://URL

NOTE: Enter the root web site URLs. If you have alternate access mapping configured in your SharePoint farm, and one web application has different URLs for different zones, you can use any of these URLs.

For example:

http://webApplication1:3333/

Go Up