Permitted Log Locations

By default, Enterprise Session Monitor will allow any process to register any file as a log file. In certain deployment scenarios this could present a security risk by allowing users to gain read access to files for which they are typically unauthorized. To prevent users from arbitrarily adding files as the log files for a process, Enterprise Session Monitor administrators may specify one or more regular expressions within a file called permittedLogFileLocations.yaml.

When the permittedLogFileLocatons.yaml file exists in the bin folder of the ESM agent, only files that match one of the specified regular expressions maybe added.

Sample file format:

  - regex1
  - regex2

By default this file does not exists and any location/file may be added as a log file to a process.

Last update: April 24, 2023
Created: April 24, 2023