Create an exclusion rule

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Create a rule to filter or exclude detections from getting converted into vulnerable items (VITs) during ingestion.

    Before you begin

    Role required: Vulnerability admin

    About this task

    Procedure

    1. Navigate to All > Vulnerability Response > Exclusion Rules.
    2. On the Exclusion Rule record page, select New to create a rule.
      Create exclusion rule
      A message saying 'Enable property to automatically close vulnerable items when all associated detections are closed' is displayed. By default, the property is inactive. To enable, select the property link and enter the value as True in the Value field.
    3. On the form, fill in the fields.
      Table 1. Exclusion Rule form
      Field Description
      Name Name of the exclusion rule.
      Active Option to activate the exclusion rule.
      Execution order Unique order for each exclusion rule.
      Condition Filter conditions for the detections that can be defined while processing them.
      Note:
      You can’t select Exclusion rule or Vulnerability item field conditions.
      Description Description of the exclusion rule.
    4. Select Submit.
      The activity is recorded in the system.
      Note:
      Once an exclusion rule is created, it takes effect on detections starting from the subsequent ingestion.