How to Use Omit Lists
Overview
Omit lists serve as tools for filtering data. It is important to take careful consideration when making an omission. All omit lists include instructions and syntax examples at the top of the text file. Omit lists provided below are organized by their corresponding data source.
IMPORTANT: Changes to omit lists do not affect the assessment results of Netwrix Auditor Audit Configuration Assistant.
Omit lists (by data source)
Active Directory
Active Directory omit lists are found under \%Netwrix Auditor installation folder%\Active Directory Auditing. For additional information on Active Directory omit lists, refer to the following documentation article: Active Directory Monitoring Scope
Microsoft Entra ID (formerly Azure AD)
Microsoft Entra ID omit lists are found under \%Netwrix Auditor installation folder%\Azure AD Auditing. For additional information on Microsoft Entra ID omit lists, refer to the following documentation article: Entra ID Monitoring Scope
Event Log Manager
Event Log Manager omit lists are found under \%Netwrix Auditor installation folder%\Event Log Management. For additional information on Event Log Manager omit lists, refer to the following documentation article: Event Log Monitoring Scope
Exchange
Exchange omit lists are found under \%Netwrix Auditor installation folder%\Active Directory Auditing. For additional information on Exchange omit lists, refer to the following documentation article: Exchange Monitoring Scope
Exchange Online
Exchange Online omit lists are found under \%Netwrix Auditor installation folder%\Exchange Online Auditing. For additional information on Exchange Online omit lists, refer to the following documentation article: Exchange Online Monitoring Scope
File Servers
File Servers omit lists are found under \%Netwrix Auditor installation folder%\File Server Auditing. For additional information on File Servers omit lists, refer to the following documentation article: File Server Monitoring Scope
Group Policy
Group Policy omit lists are found under \%Netwrix Auditor installation folder%\Active Directory Auditing. For additional information on Group Policy omit lists, refer to the following documentation article: Group Policy Monitoring Scope
Inactive User Tracker
Inactive User Tracker omit lists are found under \%Working Folder%\Inactive Users Tracker. For additional information on Inactive User Tracker omit lists, refer to the following article: Inactive Users Monitoring Scope
Logon Activity
Logon Activity omit lists are found under \%Working Folder%\NLA\Settings. For additional information on Group Policy omit lists, refer to the following documentation article: Logon Activity Monitoring Scope
Oracle Database
For additional information on Oracle Database omit lists, refer to the following article: Oracle Monitoring Scope
Netwrix Password Expiration
Netwrix Password Expiration Notifier omit lists are found under \%Netwrix Auditor installation folder%\Password Expiration Alerting. For additional information on Netwrix Password Expiration Notifier omit lists, refer to the following documentation article: Password Expiration Monitoring Scope
SharePoint
SharePoint omit lists are found under \%Working Folder%\Netwrix Auditor for SharePoint\Configuration\GUID\. For additional information on SharePoint omit lists, refer to the following article: SharePoint Monitoring Scope
SharePoint Online
SharePoint Online omit lists are found under \%Working Folder%\Netwrix Auditor for SharePoint Online\Configuration\GUID. For additional information on SharePoint Online omit lists, refer to the following article: SharePoint Online Monitoring Scope
SQL Server Auditing
SQL Server omit lists are found under \%Netwrix Auditor installation folder%\SQL Server Auditing. For additional information on SQL Server omit lists, refer to the following documentation article: SQL Server Monitoring Scope
VMWare
VMWare omit lists are found under \%Netwrix Auditor installation folder%\VMware Auditing. For additional information on VMWare omit lists, refer to the following article: VMWare Monitoring Scope
Windows Server
Windows Server omit lists are found under \%Netwrix Auditor installation folder%\Windows Server Auditing. For additional information on Windows Server omit lists, refer to the following documentation article: Windows Server Monitoring Scope