Working with Policies

Enable the console to verify the endpoint performs at startup.

• By default, when an agent is configured to communicate with the console, it performs a number of checks on startup to ensure proper configuration and communication.

• These checks are helpful when troubleshooting issues between the agent and the console as they log relevant information in the local agent log.

The computer name format.

• Use Host/NetBIOS name (Default)

  • Windows agents report their NetBIOS name to the console

  • Mac agents report their hostname (the output of "hostname -s").

• Use FQDN

  • Windows and Mac agents report their Fully Qualified Domain Name

  • (on Mac OS, this is the output of "hostname").

• Use Computer Name

  • For Mac agents, an additional option is also available, "Use Computer Name":

  • This uses the computer name as displayed in the System Preferences.

Specify how Spirion stores results during a search.

• By default, the agent application holds all results in memory during a search.

• To force the client to use an on-disk database, set this value to "On-disk database".

• When using on-disk database mode, the results appear in a flat report without the parent/child hierarchy.

Controls how a file is deleted when a location is remediated using shred to prevent the deleted file from being recovered.

• Delete Only - This option deletes the Location (File) and does not take any additional action.

  • This is the most performant option, but the file is likely still recoverable.

• Fast Shred - This option deletes the Location (File) and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.

• Intense Shred (DOD) - This option deletes the Location (File) and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

Controls how a file is deleted when a location is remediated using shred to prevent the deleted file from being recovered.

• Delete Only - This option deletes the Location (File) and does not take any additional action.

  • This is the most performant option, but the file is likely still recoverable.

• Fast Shred - This option deletes the Location (File) and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.

• Intense Shred (DOD) - This option deletes the Location (File) and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

The number of passes to use when Shredding files:

• Valid values: 1-7

• By default, the endpoint application uses a 3-pass wipe for shred

• Increase or decrease this value depending on your requirements

The Agent operation uses the Temp File Location, but only if it has an assigned value.

• The file location must have a Windows file path

• File location cannot be a mapped network drive

By default, the version/revision of the file located in the cloud storage that was searched is deleted after an action is performed.

• For example, classifying a file in cloud storage creates a new revision of the file and the previous one is deleted.

• To preserve the previous revision, set this to "Keep previous version".

• Note: This setting applies only to Box as not all cloud storage providers provide a method to delete the previous version.

Enable (or prevent) settings in a configuration file to override system settings.

• System settings, such as HKLM, are authoritative sources.

• To prevent users from creating a configuration file to circumvent those settings, settings are only read from configuration files if they do not exist as a system setting.

• Enable - Enable settings in configuration files to override system settings.

• Disable - Prevent settings in configuration files from overriding system settings

• Note: This value can only be set as a system setting, such as HKLM - it cannot be specified in a configuration file itself.

The end user's service behavior selection.

* This is a Sensitive Data Watcher (File and Email Watcher) setting only.

Full path to custom search plug-ins.

• Disable - Default setting. Disables custom search plug-ins.

• Enable Plugins - Enables custom search plug-ins. Enter the path to the directory which contains the plug-ins.

  • Example path: C:\spirion\CustomSearchPlugins

Specify whether classifications are editable via integration add-ins.

• Allow Classification via Add-ins - By default, classifications can be viewed and edited through the integration add-ins (Outlook, Office, Adobe, Shell).

• Prevent Classification via Add-ins - Prevent users from modifying classifications using add-ins (Outlook, Office, Adobe, Shell).

• With a value of "Prevent Classification via Add-ins" (1), the integration add-in usage is described below:

  • Shell: Icon overlays are visible. Classification context menu and properties tab are viewable but disabled for editing.

  • Adobe: Classification dialog is viewable but items are disabled. There is no OK button to save changes.

  • Outlook: Classification pane is displayed. Ribbon button is disabled.

  • Office: Classification pane is displayed. Ribbon button is disabled.

Automatically save error reports when the dialog is closed.

• By default, when an error report dialog is displayed, a user can use the Save button to save a copy of the error report for submission to the Support Team.

• If the dialog is closed without saving, the error report is gone and cannot be retrieved.

• To disable the Preview and Save button in the error report dialog and automatically save the error report to disk when the dialog is dismissed, set this to "Automatically save error report on close" (1).

The text to display in the body of an error report dialog.

• To customize the text displayed in an error report dialog, for example to specify that error reports should be e-mailed to an internal IT address, specify the desired text.

• By default (and when this setting is left blank), the default text is displayed in the error report dialog instructing users to save the error report and send it to the Support Team.

The text to display in the header of an error report dialog window.

• To customize the text displayed in the header of an error report dialog (this is the text at the top of the dialog body next to the icon, not the window title), specify the desired text.

• By default (and when this setting is blank), the default text is displayed in the error report dialog indicating that the software has encountered an error and could not continue.

The number of days of logs to include when using the Gather Data function

• When performing a Gather Data to obtain diagnostic information to assist with troubleshooting, log files from the most recent 30 days are automatically included, subject to the setting MaxGatherDataSize.

• To include additional, older logs, increase this value.

• Default: 30 days

The maximum size - in MB - of the output of the Gather Data function.

• By default, the size of the output of the Gather Data function is not limited.

• When performing troubleshooting, there may be limits on the size of Gather Data that can be shared with the Support Team.

• If it is necessary to limit the maximum size of the Gather Data function, set this value to that maximum size and logs are automatically removed until the Gather Data size is smaller than the specified maximum.

• Any logs removed are listed in the Missing Logs text file in the Gather Data.

• Default: 0

Instructs the Agent to compress JSON payloads.

• Enabled

• Disabled

Show the Help item in the Windows Shell Extension.

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• Show Menu - Enable the Help option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Search item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Search with Spirion option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Encrypt item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Encrypt within Spirion File Vault option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Shred item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Shred with Spirion option.

• Hide Menu - Prevents the Shred with Spirion option from appearing in the context menu

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show Shell Extension items in a Windows sub-menu

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• Do not use sub-menu - Displays shell extension items in the top-level menu rather than a sub-menu.

• Show menu - Displays shell extension items in the sub-menu.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Displays or hides the Search Wizard when the endpoint application launches in interactive mode.

• When running as a task, this setting is ignored.

• Skip Search Wizard - Does not show the search wizard when the endpoint application launches in interactive mode

• Show Search Wizard - Shows the search wizard when the endpoint application launches in interactive mode

• Note: Other settings depend on the Show Wizard setting: Startup Wizard Search Option can take effect only if this Show Wizard is set to "Show Search Wizard."

* This option is for Windows and Mac. Linux is excluded.

Disable/Enable the Results Wizard feature

• Disable Results Wizard - Disables the Results Wizard.

• Enable Results Wizard - Enables the Results Wizard.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Set the default option for OnlyFind in the Search Wizard

• Specify the default option for the radio button on the "OnlyFind Search Using Your Personal Information" page of the Search Wizard.

• No - Sets the radio button to "No"

• Yes - Sets the radio button to "Yes"

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Set the default option for the Search Wizard

• Specify the default behavior of the Search Wizard:

  • Start Searching Now

  • Continue in Wizard Mode

  • Skip Wizard and Use Advanced Mode

• This option only has an effect if the Search Wizard is displayed - the setting Show Wizard must be set to "Show Search Wizard". See Show Wizard, above.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Specify the user experience when a search completes

• For scans initiated from the Windows Agent UI, when a search is completed, specify the next action:

  • Show Search Summary Window (Default) - After a search is completed, the user can be prompted with the Search Summary dialogue which enables them to sign in with their Profile Password (if not signed in already) as well as choose the Results Wizard or Advanced Mode.

  • Show Results Wizard

  • Skip Wizard and Summary and use Advanced mode

Note: If this option is set in the system container to Show Results Wizard or Show Advanced Mode, the user does not have the opportunity to sign in with their profile password when the search is completed.

Mask all matches in preview pane

• Disable - When a result is selected in the results view, the matches for that location are highlighted in bold and yellow in the preview pane.

• Enable - When a result is selected in the results view, the matches for that location are replaced with a black bar in the preview pane,

Select check remote files for existence to prompt to remove remote files from the view if they do not exist

• This check always happens for local files.

• This setting applies to the selection of the row via left or right-click, checkbox, or any "Select All" function

Use Flat Report - Present search results in a flat report without a parent/child hierarchy

• By default, in memory mode, the endpoint application results are presented with a parent/child report relationship where information about the location (that is, path, type, size, owner, etc.) are not displayed for every row, but rather once per location with each child row displaying specific match information.

• Reports all information on all rows

• On-disk database mode - When using on-disk database mode, this value is ignored and the flat report display is always used.

The style of display for the classification column in the endpoint UI

• Icon - By default, the application displays the icon for the highest priority classification in the endpoint UI.

  • If the highest priority classification does not have an icon, its color is displayed.

• Color - Always display the color of the highest priority classification.

• Name - Displays the name of the classification level in text.

When the endpoint starts, the default action is to prompt for the user's Profile Password.

• If the login is skipped and the Guest Profile is used, the user may not want to be prompted to sign-in on subsequent runs.

• To always prompt the user for their Profile Password, regardless of whether they previously signed in or not, set this value to "Always prompt" (1).

To prevent users from changing their profile password, set this value to "Prevent change" (1).

* This option is specific to Windows and Mac. Linux is excluded.

To prevent users from deleting their profile, set this value to "Prevent delete" (1).

* This option is specific to Windows and Mac. Linux is excluded.

To disable the use of the export profile button, set this value to "Disable" (1).

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

To disable the use of the import profile button, set this value to "Disable" (1).

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

By default, there are no requirements on the length or composition of passwords used for the Profile Password or with the Encrypt action.

• To require strong passwords, set this value to "Require strong passwords" (1).

• To specify the password strength requirement itself, use the setting Profile\PasswordStrength.

* This option is specific to Windows and Mac. Linux is excluded.

By default, when exporting the profile, all settings are included in the profile export.

• To only include settings that are not set as their default, set this to "Do not export default settings" (0).

* This option is specific to Windows and Mac. Linux is excluded.

Use Profile Password the Encrypt action.

• To require that users always be prompted for individual passwords, set this value to "Require individual passwords" (0).

Users can login to the endpoint using their Profile Password or skip login and use the Guest Profile.

• To prevent users from using the Guest Profile and require login, set this value to "Require login" (1).

• To prevent users from logging in and require them to always use the Guest Profile, set this value to "Prohibit login" (2).

Note: This setting cannot be specified in an XML configuration file.

* This option is specific to Windows and Mac. Linux is excluded.

Use Profile Password for sign on, Encrypt, Open, Save, and other actions that require a password.

• To require that users always be prompted for individual passwords, set this value to "Require individual passwords" (0).

* This option is specific to Windows and Mac. Linux is excluded.

Use Profile Password Save.

• To require that users always be prompted for individual passwords, set this value to "Require individual passwords" (0).

* This option is specific to Windows and Mac. Linux is excluded.

When using the on-disk database to store results during the search rather than holding them in memory, the sort operation can be very slow.

Because of this, sort is disabled by default in this scenario.

• To enable sorting during a search while using the on-disk database, set this value to "Enable" (1).

* This option is specific to Windows and Mac. Linux is excluded.

After a match is found, it is displayed in the results view.

• To prevent the endpoint application from storing the match itself in the results view (but displaying all other relevant information such as location and match type), set this value to "Enable" (1).

Note: When this setting is enabled, the Redact action cannot be used as the match information is required for redact to operate.

Note: If preview is enabled, the first character of the match is highlighted in the Preview pane when a result is selected in the Results pane.

* This option is specific to Windows and Mac. Linux is excluded.

When using on-disk database mode to store results during the search, the results are batch inserted into the database to manage disk I/O.

• To change the number of rows that must exist before a write to disk (or the elapsing of the UpdateTimer), specify the number of rows.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

When using on-disk database mode to store results during the search, the results are batch inserted into the database to manage disk I/O.

• If the number of rows specified in RowCacheSize is not met, but the number of seconds in this value elapses, the results are written to disk.

• To change the timer, specify the desired number of seconds in this value.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

By default, when the endpoint application is executed as a scheduled task in the context of the logged on user, it remains open and enables the user to interact with those results.

• To always automatically exit the application upon completion of a scheduled task search, set this value to "Always exit" (1).

• To only automatically exit the application when there are no results, set this value to "Only exit when no results" (2).

Specify the encrypted password to be used when automatically saving an IDF results file

Note: This value must be created using the endpoint GUI.

Reference documentation is available at Creating a Password Hash for Auto Saving Results During Scheduled Task Searches

Specify the encrypted password to use when automatically saving a secondary IDF results file

Note: This value must be created using the endpoint GUI.

Reference documentation is available at Creating a Password Hash for Auto Saving Results During Scheduled Task Searches

The folder path and file name for the saved IDF file.

• Specify the full folder path and file name for the saved results file

• To specify a folder name only, the value SaveLocationIsFolderName must be set to "True"

The folder path and file name for the secondary saved IDF file.

• Specify the full folder path and file name for a secondary saved results (IDF) file

• To specify a folder name only, the value SaveLocationIsFolderName must be set to "True"

Specify that saveFolderLoc/saveFolderLoc2 are folder names rather than file names.

• True - Treats the locations in SaveLocation and SaveLocation2 as folders rather than full paths to specific file names

• When enabled, the endpoint application automatically creates new names for the saved results files based on the source machine name in addition to a time stamp.

Specify the location of the settings for the scheduled task.

• Settings for a scheduled task can be read from any of the following:

  • A user profile (Settings)

  • An alternate registry-based location (JobSettings)

  • Configuration file

• In all instances, the hierarchy of system settings and overrides is respected

Enable the ability to automatically save search results.

• To automatically save results to an IDF file upon search completion, set this value greater than 0

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Enable the ability to automatically save results to a secondary file of type IDF.

• To automatically save results to an additional file (only type idf) upon search completion, set this value to "Enable"

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Specify the path to a configuration file

• Specify the full path to a configuration file in XML format that holds the settings to be used for the scheduled task.

• This setting is only valid when SettingsSource is set to "Configuration File".

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Automatically create the folder for saved results file.

• To automatically create the folder for saved results file if it does not already exist, set this value to "Enable"

Automatically create the folder for secondary saved results file

• To automatically create the folder for the secondary saved results (idf) file if it does not already exist, set this value to "Enable".

The elements and options to save in the Text Export.

• Specify the elements and options to save in the Text Export.

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.

• When created in the Windows Registry, they are of type REG_DWORD.

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.

• When entered into a security template (.inf) file, they should be entered in decimal.

• When both "last four" and "last four (and first six for CCNs)" are selected, "last four (and first six for CCNs)" are used.

Save all information of each row of the Text Export.

• Enable - Saves all information of each row of the saved Text Export.

• Disable - Preserves the parent/child layout while a setting of "Enable" repeats all information on all rows.

* This option is specific to Windows and Mac. Linux is excluded.

Save the "Multiple Match" rows in the Text Export

• To disable the saving of the "Multiple Match" rows, set this value to "Disable".

The elements and options to save in the Web Page Report.

• Specify the elements and options to save in the Web Page Report (used only when HTMLReportType is set to "Custom Report")

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values

• When created in the Windows Registry, they are of type REG_DWORD

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values

• When entered into a security template (.inf) file, they should be entered in decimal

• When both "last four" and "last four (and first six for CCNs)" are selected, "last four (and first six for CCNs)" are used

The options for saved Web Page Report

• Specify the option for the saved Web Page Report.

* This option is specific to Windows and Mac. Linux is excluded.

The elements and options to save in the Encrypted IDF file.

• Specify the elements and options to save in the Secure IDF file

• When Save Match is disabled, some functionality is disabled

• Notably, the highlight in the Preview pane is incorrect and the Redact action fails

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values

• When created in the Windows Registry, they are of type REG_DWORD

• When entered into the Windows Registry or a configuration XML file, they must be entered as hexadecimal values

• When entered into a security template (.inf) file, they must be entered in decimal

* This option is specific to Windows and Mac. Linux is excluded

Disable the ability save encrypt IDF results files.

• To disable the ability save encrypt IDF results files, set this value to "Disable save as idf" (1)

* This option is specific to Windows and Mac. Linux is excluded.

Disable the ability to save results in clear text

• To disable the ability to save results in any format other than encrypted IDF format, set this value to "Disable clear text save" (1).

* This option is specific to Windows and Mac. Linux is excluded.

Automatically check previous file results for existence.

• Beginning with version 6 of the client, by default, results that are visible in the UI are automatically encrypted, saved on exit, and automatically displayed in the endpoint UI when a user opens the endpoint interactively and signs into their profile.

• The save uses a "machine key" to prevent the opening of the results file on another computer.

• When this setting is enabled and the endpoint is configured to communicate with the console, file results are automatically and transparently checked for existence on startup.

• If the files no longer exist (for example, they were deleted from within Windows Explorer), that information is communicated to the console.

• To enable the checking of previous file results for existence, set this to "Check results" (1).

Enable the ability to automatically save search results.

To automatically save results to an IDF file upon search completion, set to "Save as IDF," or "Save as HTML."

• Disable

• Save as IDF

• Save as HTML

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Log informational messages when performing auto-actions.

• To disable the logging of informational messages when performing auto-actions, set this value to "Do not log messages"

Log error messages when performing auto-actions.

• To disable the logging of error messages when performing auto-actions, set this value to "Do not log errors"

Log informational messages.

• To disable the logging of informational messages, set this value to "False"

Log error messages.

• To disable the logging of error messages, set this value to "False"

Log debug messages.

• To disable the logging of debug messages, set this value to "False"

Log items skipped because they were secure.

• To disable the logging of secure items skipped, set this value to "False"

Log information when performing updates

• When the Client Updates feature of the console is used, the endpoint service can update itself as well as the client application.

• To disable logging for this process, set this value to Disable

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

The method for creating new logs.

• Specify the method for creating new logs

Log each location searched.

• To enable the logging of locations searched, set this value to "True"

Log each location with a match.

• To enable the logging of locations containing matches, set this value to "True"

Log user actions when performing auto-actions

• To disable the logging of user actions when performing auto-actions, set this value to "Do not log user actions"

The format for the logs.

• Specify the format for the log file

Log message types read by the console.

• Specify which log message types are to be read by the console and inserted into the console database.

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.

• When created in the Windows Registry, they are of type REG_DWORD.

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.

• When entered into a security template (.inf) file, they should be entered in decimal.

Send logs to the console.

• To send the endpoint logs to the console, set this value to "Enable"

• Endpoint logs can create a large amount of data in the console database which can decrease performance of the console application.

• It is recommended that this setting only be enabled for specific endpoints during initial configuration/evaluation and during troubleshooting.

When using Sensitive Data Watcher's Email component (internally email change monitor service), it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (for example, Info, Error).

The following log levels are available:

• Disable logging (Default): No logging messages will be recorded.

• Log Informational Messages: Standard logging.

• Log Debugging Messages: Comprehensive logging.

• Log Detailed Trace Messages: Detailed trace logging.

• Log all messages: Capture all log messages

Note: Logging beyond the default level, especially the maximum level, creates very large log files and may contain sensitive information.

The level of detail to log when searching with Discovery Teams.

When searching with Discovery Teams, it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (example: Info, Error) .

The following log levels are available:

• Disabled

• Standard Logging

• Additional Logging

• Comprehensive logging

• Full logging

  Note: Logging beyond the default level, especially the maximum level, may create very large log files and may contain sensitive information.

*This setting applies Windows and Linux. Mac OS is excluded.

Keep only a specified number of endpoint service logs

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service keep a maximum number of logs and delete the oldest logs above that number, set this to Keep a maximum number of logs.

• To customize the number of logs, use the setting AutoDeleteMoreThanMaxLogsOnExitThreshold.

• If there are greater than the specified threshold number of logs, the oldest logs are deleted when the endpoint service shuts down (or restarts).

The number of endpoint logs to retain.

• By default, all endpoint logs are retained until the "Delete all logs" button is pressed (which deletes all endpoint logs) or the logs are manually deleted outside of the application.

• To have the endpoint keep a maximum number of logs and delete the oldest logs above that number, set AutoDeleteMoreThanMaxLogsOnExit to Keep a maximum number of logs.

• To customize the number of logs, use this setting to specify the threshold.

• If there are greater than the specified threshold number of logs, the oldest logs are deleted when the endpoint exits.

Automatically delete endpoint service logs older than a specified number of days.

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service automatically delete logs older than a specified number of days, set this to Delete old logs.

• To customize the number of days, use the setting AutoDeleteOldLogsThreshold.

• Any logs older than the specified number of days are deleted when the endpoint service shuts down (or restarts).

The number of days to retain endpoint service logs.

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service automatically delete logs older than a specified number of days, set AutoDeleteOldLogsOnExit to Delete old logs and specify the number of days in this setting.

• Any logs older than the specified number of days are deleted when the endpoint service shuts down (or restarts).

The name of the previous log file.

• Specify the name of the previous log file.

• This value is used to determine if a new log must be created (when current log name is different than last log name).

The path for saved log files.

• Specify the path in which to save log files.

• The default value is the user profile folder \Identity Finder\logs

Disable the use of the Clear Logs buttons to delete existing logs.

• To disable the "Clear Logs" button to delete existing logs, set this value to "Disable delete".

Disable the use of the Use Default button to reset the log path.

• To disable the "Use Default" button to reset the log path, set this value to "Disable reset".