You can set exclude rules to configure the security device to omit certain security events (alarms) from being generated in the audit log. The audit log does not include security alarms that contain any of the following fields:
Rule ID: Enter an ID for the exclude rule.
User ID: Enter the identity of the authenticated user. All security events enabled by this user are not generated in the audit log.
Event Type: Enter the event type of the security event. The audit log does not include security alarms of this event type.
Source IP Address: Enter the source IP address in IPv4 or IPv6 address format. The audit log does not include security alarms from the specified source IP address.
Destination IP Address: Enter the destination IP address in IPv4 or IPv6 address format. The audit log does not include security alarms from the specified destination IP address.
Destination Port: Enter the destination port number.
Policy ID: Enter the policy number.
Event Result: Select the result of the security event. Choose Success for a successful event, and choose Failure for an unsuccessful event.
Click Add to save the new exclude rule.
The newly created exclude rule is added to the Configured Exclude Rules table. This table lists exclude rules configured on your security device.
To modify an exclude rule, click Edit in the Configure column of the rule you want to modify.
To delete an exclude rule, click Remove in the Configure column of the rule you want to delete.