Permitted Log Locations
By default, Enterprise Session Monitor will allow any process to register any file as a log file. In certain deployment scenarios this could present a security risk by allowing users to gain read access to files for which they are typically unauthorized. To prevent users from arbitrarily adding files as the log files for a process, Enterprise Session Monitor administrators may specify one or more regular expressions within a file called
permittedLogFileLocatons.yaml file exists in the
bin folder of the ESM agent, only files that match one of the specified regular expressions maybe added.
Sample file format:
permittedLocations: - regex1 - regex2
By default this file does not exists and any location/file may be added as a log file to a process.
Created: April 24, 2023