Overview: This article helps you to configure the File Activity Monitor feature in Seqrite Endpoint Security (EPS).
Applicable Version: Seqrite Endpoint Security 8.1
What is File activity Monitor?
File Activity Monitor feature lets you monitor any suspicious activity related to the confidential files on your computer, local drive, or a removable drive.
You can exclude the selected file types and folder paths from monitoring actions such as copy, delete, or extension change. Copy action on the local drive is not supported.
To configure the File Activity Monitor feature, follow these steps:
1. Log on to the SEQRITE Endpoint Security.
2. Create Container/feature policy for File Activity Monitor.
3. Enable File Activity Monitor with a toggle switch.
4. Select location, Removable Drive or Local Drive. By default, Removable Drive is selected.
5. Select the event check boxes, Copy, Delete or Extension Change as per drive. By default, Copy event for the Removable drive is selected. Copy operations only to Removable Drive are monitored.
6. If you want to exclude file extensions from monitoring, in the Exclude File Extensions section, do the following.
By default, the Use from Configurations -> File Activity Monitor check box is selected. So, the list of extensions that are added on the Configurations -> File Activity Monitor page is excluded.
The list of extensions that are already added on this page is displayed.
a. If you want to add custom extensions on this page, clear the Use from Configurations -> File Activity Monitor check box.
b. Enter the extension in the Enter Extension text box, and then click Add.
The file extension should be written without a dot in the following format: xml, html, zip, etc.
The extension is added to the list.
If you want to remove the extension from the list, click the Delete button which appears when you click the list entry.
7. If you want to exclude folders from monitoring, in the Exclude Folders section, do the following.
By default, the Use from Configurations -> File Activity Monitor check box is selected. So, the list of folders that are added on the Configurations -> File Activity Monitor page is excluded.
The list of folders that are already added appears.
a. If you want to add custom folders on this page, clear the Use from Configurations -> File Activity Monitor check box.
b. Enter the folder path that you want to exclude, for example. C:\EPS, in the Folder Path text box, and then click Add.
For Mac OS, use only forward slash (/) in the folder path. Example: /Users/Admin/ExcludeList.
User can also add path like %Windir%\ which is also supported by Windows OS.
To remove the folder path from the list, click the Delete button which appears when you click the list entry.
8. To save your settings, click Save Policy.
Note: You can delete the default excluded files and folders from the individual policies.
If the exclusion list in Configurations -> File Activity Monitor is updated, the changes will be reflected in the respective FAM policy, when the Use from Configurations -> File Activity Monitor check box is selected.
To Configure File Activity Monitor on Configurations page, follow these steps:
On this page, you can add file extensions and folders that you want to exclude from the File Activity Monitor policy.
To exclude file extensions and folders from monitoring, follow the given steps:
1. Log on to the SEQRITE Endpoint Security.
2. Go to Configurations > File Activity Monitor.
In the Exclude File Extensions section, the list of extensions that are already added appears.
3. Enter the extension that you want to exclude from monitoring in the Extension text box, and then click Add.
The file extension should be written without a dot in the following format: xml, html, zip, etc.
The extension is added to the list.
To remove the extension from the exclusions, click the Delete button which appears when you click the list entry. If you click the Delete button, a message box is displayed to confirm the delete action.
4. In the Exclude Folders section, the list of folders that are already added appears.
Enter the folder path that you want to exclude from monitoring, for example. C:\EPS, in the Folder Path text box, and then click Add.
For Mac OS, use only forward slash (/) in the folder path. Example: /Users/Admin/ExcludeList.
User can also add path like %Windir%\ which is also supported by Windows OS.
To remove the folder path from the exclusions, click the Delete button which appears when you click the list entry.
Note: The File Activity Monitor feature is available in clients with Windows and Mac operating systems.
Please contact Seqrite Technical Support for more assistance.