Working with Policies

Enable the console to verify the endpoint performs at startup.

• By default, when an agent is configured to communicate with the console, it performs a number of checks on startup to ensure proper configuration and communication.

• These checks are helpful when troubleshooting issues between the agent and the console as they log relevant information in the local agent log.

The computer name format.

• Use Host/NetBIOS name (Default)

  • Windows agents report their NetBIOS name to the console

  • Mac agents report their hostname (the output of "hostname -s").

• Use FQDN

  • Windows and Mac agents report their Fully Qualified Domain Name

  • (on Mac OS, this is the output of "hostname").

• Use Computer Name

  • For Mac agents, an additional option is also available, "Use Computer Name":

  • This uses the computer name as displayed in the System Preferences.

Specify how Spirion stores results during a search.

• By default, the agent application holds all results in memory during a search.

• To force the client to use an on-disk database, set this value to "On-disk database".

• When using on-disk database mode, the results appear in a flat report without the parent/child hierarchy.

Controls how a file is deleted when a location is remediated using shred to prevent the deleted file from being recovered.

• Delete Only - This option deletes the Location (File) and does not take any additional action.

  • This is the most performant option, but the file is likely still recoverable.

• Fast Shred - This option deletes the Location (File) and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.

• Intense Shred (DOD) - This option deletes the Location (File) and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

Controls how a file is deleted when a location is remediated using shred to prevent the deleted file from being recovered.

• Delete Only - This option deletes the Location (File) and does not take any additional action.

  • This is the most performant option, but the file is likely still recoverable.

• Fast Shred - This option deletes the Location (File) and overwrites the physical bits on the hard drive a single time to reduce the possibility of the file being recovered.

• Intense Shred (DOD) - This option deletes the Location (File) and overwrites the physical bits on the hard drive multiple times (to DOD standard) to minimize the possibility of the file being recovered.

The number of passes to use when Shredding files:

• Valid values: 1-7

• By default, the endpoint application uses a 3-pass wipe for shred

• Increase or decrease this value depending on your requirements

The Agent operation uses the Temp File Location, but only if it has an assigned value.

• The file location must have a Windows file path

• File location cannot be a mapped network drive

By default, the version/revision of the file located in the cloud storage that was searched is deleted after an action is performed.

• For example, classifying a file in cloud storage creates a new revision of the file and the previous one is deleted.

• To preserve the previous revision, set this to "Keep previous version".

• Note: This setting applies only to Box as not all cloud storage providers provide a method to delete the previous version.

Enable (or prevent) settings in a configuration file to override system settings.

• System settings, such as HKLM, are authoritative sources.

• To prevent users from creating a configuration file to circumvent those settings, settings are only read from configuration files if they do not exist as a system setting.

• Enable - Enable settings in configuration files to override system settings.

• Disable - Prevent settings in configuration files from overriding system settings

• Note: This value can only be set as a system setting, such as HKLM - it cannot be specified in a configuration file itself.

The end user's service behavior selection.

* This is a Sensitive Data Watcher (File and Email Watcher) setting only.

Full path to custom search plug-ins.

• Disable - Default setting. Disables custom search plug-ins.

• Enable Plugins - Enables custom search plug-ins. Enter the path to the directory which contains the plug-ins.

  • Example path: C:\spirion\CustomSearchPlugins

Specify whether classifications are editable via integration add-ins.

• Allow Classification via Add-ins - By default, classifications can be viewed and edited through the integration add-ins (Outlook, Office, Adobe, Shell).

• Prevent Classification via Add-ins - Prevent users from modifying classifications using add-ins (Outlook, Office, Adobe, Shell).

• With a value of "Prevent Classification via Add-ins" (1), the integration add-in usage is described below:

  • Shell: Icon overlays are visible. Classification context menu and properties tab are viewable but disabled for editing.

  • Adobe: Classification dialog is viewable but items are disabled. There is no OK button to save changes.

  • Outlook: Classification pane is displayed. Ribbon button is disabled.

  • Office: Classification pane is displayed. Ribbon button is disabled.

Automatically save error reports when the dialog is closed.

• By default, when an error report dialog is displayed, a user can use the Save button to save a copy of the error report for submission to the Support Team.

• If the dialog is closed without saving, the error report is gone and cannot be retrieved.

• To disable the Preview and Save button in the error report dialog and automatically save the error report to disk when the dialog is dismissed, set this to "Automatically save error report on close" (1).

The text to display in the body of an error report dialog.

• To customize the text displayed in an error report dialog, for example to specify that error reports should be e-mailed to an internal IT address, specify the desired text.

• By default (and when this setting is left blank), the default text is displayed in the error report dialog instructing users to save the error report and send it to the Support Team.

The text to display in the header of an error report dialog window.

• To customize the text displayed in the header of an error report dialog (this is the text at the top of the dialog body next to the icon, not the window title), specify the desired text.

• By default (and when this setting is blank), the default text is displayed in the error report dialog indicating that the software has encountered an error and could not continue.

The number of days of logs to include when using the Gather Data function

• When performing a Gather Data to obtain diagnostic information to assist with troubleshooting, log files from the most recent 30 days are automatically included, subject to the setting MaxGatherDataSize.

• To include additional, older logs, increase this value.

• Default: 30 days

The maximum size - in MB - of the output of the Gather Data function.

• By default, the size of the output of the Gather Data function is not limited.

• When performing troubleshooting, there may be limits on the size of Gather Data that can be shared with the Support Team.

• If it is necessary to limit the maximum size of the Gather Data function, set this value to that maximum size and logs are automatically removed until the Gather Data size is smaller than the specified maximum.

• Any logs removed are listed in the Missing Logs text file in the Gather Data.

• Default: 0

Instructs the Agent to compress JSON payloads.

• Enabled

• Disabled

Show the Help item in the Windows Shell Extension.

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• Show Menu - Enable the Help option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Search item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Search with Spirion option.

• Hide Menu - Hides the Search with Spirion option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Encrypt item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Encrypt within Spirion File Vault option.

• Hide Menu - Hides the Encrypt within Spirion File Vault option.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show the Shred item in the Windows Shell Extension

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• If the shell extension DLL is loaded the settings in the endpoint UI can control which actions are available on the menu.

• Show Menu - Enables the Shred with Spirion option.

• Hide Menu - Prevents the Shred with Spirion option from appearing in the context menu

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Show Shell Extension items in a Windows sub-menu

• The endpoint application supports a Windows Explorer shell extension to perform actions on files and folders in the shell via the right-click context menu.

• Do not use sub-menu - Displays shell extension items in the top-level menu rather than a sub-menu.

• Show menu - Displays shell extension items in the sub-menu.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Disable/Enable the Results Wizard feature

• Disable Results Wizard - Disables the Results Wizard.

• Enable Results Wizard - Enables the Results Wizard.

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Set the default option for OnlyFind in the Search Wizard.

• Yes - Specify the default option for the radio button on the "OnlyFind Search Using Your Personal Information" page of the Search Wizard.

• No - To set the radio button to "No," set this value to:

Set the default option for the Search Wizard Win UseStartupWizard Show Search Wizard Default Show the Search Wizard.

• Show the Search Wizard when the endpoint application launches in interactive mode.

• When running as a task, this setting is ignored.

Specify the user experience when a search completes.

• After a search completes, the user can be prompted with the Search Summary dialog, which enables them to sign in with their Profile Password (if not signed in already) as well as choose to use the Results Wizard or Advanced Mode.

• Note: If this option is set in the system container to "Show Results Wizard" or "Show Advanced Mode," the user does not have the opportunity to sign in with their profile password when the search completes.

Mask all matches in preview pane

• Enable this setting to prevent highlighted matches in the preview pane from being displayed in bold and yellow.

• Instead, it replaces the matches with a black bar in the preview pane.

When selecting a remote file result, check it for existence

• Enable this setting to check if remote files exist.

• This prompts to remove remote files from the view if they do not exist, and this check always occurs for local files.

Present search results in a flat report without a parent/child hierarchy

Enable this setting to present search results in a flat report without a parent-child hierarchy.

• By default, in memory mode, the Agent application results are presented with a parent/child report relationship where information about the location (that is, path, type, size, owner, etc.) are not displayed for every row, but rather once per location with each child row displaying specific match information.

• Enabling this setting reports all information on all rows.

• On-disk database mode - When using on-disk database mode, this value is ignored and the flat report display is always used.

The style of display for the classification column in the endpoint UI.

• By default, the application displays the icon for the highest priority classification in the endpoint UI.

• If the highest priority classification does not have an icon, its color is displayed.

• To always use the color, set this to "Color" (1).

• To display the name of the classification level in text, set this to:
  • "Name" (2)

Display results collapsed rather than expanded:

• Show expanded - By default, results are displayed in the Results View expanded. That is, every child row is displayed.

• Show collapsed - Results are shown in the Results view with child rows collapsed/hidden by default,

* This option is a Windows and Mac option. Linux is excluded.

By default, the entire match string of the match data is sent to the console. Additionally, preview information (even if enabled) will not be sent to the console.

• Enabled - Enables setting "Send Only Last Four Characters". See below.

• Disabled - The entire match string of the match data is sent to the console. Disables setting "Send Only Last Four Characters". See below.

Always prompt for Profile Password on start up.

When the endpoint starts, the default action is to prompt for the user's Profile Password

• If the log-in is skipped and the Guest Profile is used, the user may not want to be prompted to sign-in on subsequent runs

• Enable this setting to always prompt the user for their Profile Password, regardless of whether they previously signed in or not

• Disable this setting to prevent the system from always prompting the user for their Profile Password

Disable the ability for users to change their profile password.

• Enable this setting to prevent users from changing their profile password

• Disable this setting to enable users to change their profile password

Disable the ability for users to delete their profile.

• Enable this setting to prevent users from deleting their profile

• Disable this setting to enable users to delete their profile

Disable the export profile button.

• Enable this setting to disable the use of the export profile button

• Disable this setting to enable the use of the export profile button

Disable the import profile button.

• Enable this setting to disable the use of the import profile button

• Disable this setting to enable the use of the import profile button

Password strength requirements. Enable this setting to require strong passwords.

• Enabled (0) (Default) - Strong passwords required. A minimum 6 characters must be used with at least one letter and one non-letter

• Disabled (1) - Strong passwords not required

*This setting applies to Windows and Mac but not Linux.

When exporting the profile, include entries for settings that are set to their default value

• Enabled (1) (Default) - By default, when exporting the profile, all settings are included in the profile export

• Disabled (0) - Include only settings that are not set as their default

*This setting applies to Windows and Mac, but not Linux

Use Profile Password for Encrypt Action

• Enabled - Users are always prompted to use individual passwords

• Disabled - Users are not prompted to use individual passwords

*This setting applies to Windows and Mac, but not Linux.

Requirements to log into the Agent. Users can login to the agent using their profile password or skip login and use the guest profile.

• Allow guest profile (0) (Default) - Skip log in and use the guest profile.

• Require login (1) - Prevent users from using the Guest Profile and require log in.

• Prohibit login (2) - Prevent users from logging in and require them to always use the Guest Profile.

Note: This setting cannot be specified in an XML configuration file.

*This setting applies to Windows and Mac, but not Linux.

Use Profile Password for sign on, Encrypt, Open, Save, and other actions that require a password.

*This setting applies to Windows and Mac but not Linux.

• Require individual passwords (0) - Users are always prompted to use individual passwords

• Use profile password (1) (Default) - Users are prompted to use profile passwords

*This setting applies to Windows and Mac but not Linux.

Enable sort while searching in on-disk mode. When using the on-disk database to store results during the search rather than holding them in memory, the sort operation can be very slow. Because of this, sort is disabled by default in this scenario.

• Enable - Enables sorting during a search while using the on-disk database

• Disable - Disables sorting during a search while using the on-disk database

*This setting applies to Windows and Mac but not Linux.

Exclude matches when collecting results. After a match is found, it is displayed in the results view.

• Enabled - Prevents the Agent application from storing the match itself in the results view (but displaying all other relevant information such as location and match type)

• Disabled - The Agent application stores the match itself in the results view

Note: When this setting is enabled, the Redact action cannot be used as the match information is required for redact to operate.

Note: If preview is enabled, the first character of the match is highlighted in the Preview pane when a result is selected in the Results pane.

*This setting applies to Windows and Mac but not Linux.

Set the Row Cache Size for on-disk database mode.

When using on-disk database mode to store results during the search, the results are batch inserted into the database to manage disk I/O

• To change the number of rows that must exist before a write to disk (or the elapsing of the UpdateTimer), specify the number of rows

*This setting applies to Windows, but not Mac/Linux.

Specify the timer to write results to disk in on-disk database mode.

When using on-disk database mode to store results during the search, the results are batch inserted into the database to manage disk I/O

• If the number of rows specified in RowCacheSize is not met, but the number of seconds in this setting elapses, the results are written to disk

• To change the timer, specify the desired time (in seconds)

• Default - 60 (seconds)

*This setting applies to Windows, but not Mac/Linux.

• Enable - Show tool tips

• Disable - Prevent tool tips from being shown

Enable the visibility of a system tray icon

• Enable (1) - Enables the system tray icon

• Disable (0) (Default) - Disables the system tray icon

*This setting applies to Windows, but not Mac/Linux.

Disable the ability to reset confirmation dialogs

• Disable Reset (1) - Disables the button for resetting confirmations, "don't ask me again" prompts, "always perform my selection" prompts, and similar notifications

• Allow Reset (Default) - Enables the button for resetting confirmations, "don't ask me again" prompts, "always perform my selection" prompts, and similar notifications

*This setting applies to Windows, but not Mac/Linux.

By default, when the endpoint application is executed as a scheduled task in the context of the logged on user, it remains open and enables the user to interact with those results.

• To always automatically exit the application upon completion of a scheduled task search, set this value to "Always exit" (1).

• To only automatically exit the application when there are no results, set this value to "Only exit when no results" (2).

Specify the encrypted password to be used when automatically saving an IDF results file

Note: This value must be created using the endpoint GUI.

Reference documentation is available at Creating a Password Hash for Auto Saving Results During Scheduled Task Searches

Specify the encrypted password to use when automatically saving a secondary IDF results file

Note: This value must be created using the endpoint GUI.

Reference documentation is available at Creating a Password Hash for Auto Saving Results During Scheduled Task Searches

The folder path and file name for the saved IDF file.

• Specify the full folder path and file name for the saved results file

• To specify a folder name only, the value SaveLocationIsFolderName must be set to "True"

The folder path and file name for the secondary saved IDF file.

• Specify the full folder path and file name for a secondary saved results (IDF) file

• To specify a folder name only, the value SaveLocationIsFolderName must be set to "True"

Specify that saveFolderLoc/saveFolderLoc2 are folder names rather than file names.

• True - Treats the locations in SaveLocation and SaveLocation2 as folders rather than full paths to specific file names

• When enabled, the endpoint application automatically creates new names for the saved results files based on the source machine name in addition to a time stamp.

Specify the location of the settings for the scheduled task.

• Settings for a scheduled task can be read from any of the following:

  • A user profile (Settings)

  • An alternate registry-based location (JobSettings)

  • Configuration file

• In all instances, the hierarchy of system settings and overrides is respected

Enable the ability to automatically save search results.

• To automatically save results to an IDF file upon search completion, set this value greater than 0

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Enable the ability to automatically save results to a secondary file of type IDF.

• To automatically save results to an additional file (only type idf) upon search completion, set this value to "Enable"

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Specify the path to a configuration file

• Specify the full path to a configuration file in XML format that holds the settings to be used for the scheduled task.

• This setting is only valid when SettingsSource is set to "Configuration File".

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

Automatically create the folder for saved results file.

• To automatically create the folder for saved results file if it does not already exist, set this value to "Enable"

Automatically create the folder for secondary saved results file

• To automatically create the folder for the secondary saved results (idf) file if it does not already exist, set this value to "Enable".

The elements and options to save in the Text Export.

• Specify the elements and options to save in the Text Export.

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.

• When created in the Windows Registry, they are of type REG_DWORD.

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.

• When entered into a security template (.inf) file, they should be entered in decimal.

• When both "last four" and "last four (and first six for CCNs)" are selected, "last four (and first six for CCNs)" are used.

Save all information of each row of the Text Export.

• Enable - Saves all information of each row of the saved Text Export.

• Disable - Preserves the parent/child layout while a setting of "Enable" repeats all information on all rows.

* This option is specific to Windows and Mac. Linux is excluded.

Save the "Multiple Match" rows in the Text Export

• To disable the saving of the "Multiple Match" rows, set this value to "Disable".

The elements and options to save in the Web Page Report.

• Specify the elements and options to save in the Web Page Report (used only when HTMLReportType is set to "Custom Report")

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values

• When created in the Windows Registry, they are of type REG_DWORD

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values

• When entered into a security template (.inf) file, they should be entered in decimal

• When both "last four" and "last four (and first six for CCNs)" are selected, "last four (and first six for CCNs)" are used

The options for saved Web Page Report

• Specify the option for the saved Web Page Report.

* This option is specific to Windows and Mac. Linux is excluded.

The elements and options to save in the Encrypted IDF file.

• Specify the elements and options to save in the Secure IDF file

• When Save Match is disabled, some functionality is disabled

• Notably, the highlight in the Preview pane is incorrect and the Redact action fails

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values

• When created in the Windows Registry, they are of type REG_DWORD

• When entered into the Windows Registry or a configuration XML file, they must be entered as hexadecimal values

• When entered into a security template (.inf) file, they must be entered in decimal

* This option is specific to Windows and Mac. Linux is excluded

Disable the ability save encrypt IDF results files.

• To disable the ability save encrypt IDF results files, set this value to "Disable save as idf" (1)

* This option is specific to Windows and Mac. Linux is excluded.

Disable the ability to save results in clear text

• To disable the ability to save results in any format other than encrypted IDF format, set this value to "Disable clear text save" (1).

* This option is specific to Windows and Mac. Linux is excluded.

Automatically check previous file results for existence.

• Beginning with version 6 of the client, by default, results that are visible in the UI are automatically encrypted, saved on exit, and automatically displayed in the endpoint UI when a user opens the endpoint interactively and signs into their profile.

• The save uses a "machine key" to prevent the opening of the results file on another computer.

• When this setting is enabled and the endpoint is configured to communicate with the console, file results are automatically and transparently checked for existence on startup.

• If the files no longer exist (for example, they were deleted from within Windows Explorer), that information is communicated to the console.

• To enable the checking of previous file results for existence, set this to "Check results" (1).

Enable the ability to automatically save search results.

To automatically save results to an IDF file upon search completion, set to "Save as IDF," or "Save as HTML."

• Disable

• Save as IDF

• Save as HTML

Note: In Version 7.0.x of the endpoint software, this setting only applies to interactive, user searches and cannot be used with background user searches or system searches. This was updated in version 7.1 to apply to all search types.

Log informational messages when performing auto-actions.

• To disable the logging of informational messages when performing auto-actions, set this value to "Do not log messages"

Log error messages when performing auto-actions.

• To disable the logging of error messages when performing auto-actions, set this value to "Do not log errors"

Log informational messages.

• To disable the logging of informational messages, set this value to "False"

Log error messages.

• To disable the logging of error messages, set this value to "False"

Log debug messages.

• To disable the logging of debug messages, set this value to "False"

Log items skipped because they were secure.

• To disable the logging of secure items skipped, set this value to "False"

Log information when performing updates

• When the Client Updates feature of the console is used, the endpoint service can update itself as well as the client application.

• To disable logging for this process, set this value to Disable

* This option is specific to searches initiated from Windows Agent UI. This is a Windows-only option. Mac/Linux are excluded.

The method for creating new logs.

• Specify the method for creating new logs

Log each location searched.

• To enable the logging of locations searched, set this value to "True"

Log each location with a match.

• To enable the logging of locations containing matches, set this value to "True"

Log user actions when performing auto-actions

• To disable the logging of user actions when performing auto-actions, set this value to "Do not log user actions"

The format for the logs.

• Specify the format for the log file

Log message types read by the console.

• Specify which log message types are to be read by the console and inserted into the console database.

• When using this setting outside of the console, note that the value for this setting is a bitmask of the logical OR of any of these values.

• When created in the Windows Registry, they are of type REG_DWORD.

• When entered into the Windows Registry or a configuration XML file, they should be entered as hexadecimal values.

• When entered into a security template (.inf) file, they should be entered in decimal.

Send logs to the console.

• To send the endpoint logs to the console, set this value to "Enable"

• Endpoint logs can create a large amount of data in the console database which can decrease performance of the console application.

• It is recommended that this setting only be enabled for specific endpoints during initial configuration/evaluation and during troubleshooting.

When using Sensitive Data Watcher's Email component (internally email change monitor service), it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (for example, Info, Error).

The following log levels are available:

• Disable logging (Default): No logging messages will be recorded.

• Log Informational Messages: Standard logging.

• Log Debugging Messages: Comprehensive logging.

• Log Detailed Trace Messages: Detailed trace logging.

• Log all messages: Capture all log messages

Note: Logging beyond the default level, especially the maximum level, creates very large log files and may contain sensitive information.

The level of detail to log when searching with Discovery Teams.

When searching with Discovery Teams, it may be desirable to see detailed logging information during configuration or troubleshooting.

The logging specified via this setting applies only when logging has been enabled and specific log entries are displayed only if their corresponding log type has been enabled (example: Info, Error) .

The following log levels are available:

• Disabled

• Standard Logging

• Additional Logging

• Comprehensive logging

• Full logging

  Note: Logging beyond the default level, especially the maximum level, may create very large log files and may contain sensitive information.

*This setting applies Windows and Linux. Mac OS is excluded.

Keep only a specified number of endpoint service logs

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service keep a maximum number of logs and delete the oldest logs above that number, set this to Keep a maximum number of logs.

• To customize the number of logs, use the setting AutoDeleteMoreThanMaxLogsOnExitThreshold.

• If there are greater than the specified threshold number of logs, the oldest logs are deleted when the endpoint service shuts down (or restarts).

The number of endpoint logs to retain.

• By default, all endpoint logs are retained until the "Delete all logs" button is pressed (which deletes all endpoint logs) or the logs are manually deleted outside of the application.

• To have the endpoint keep a maximum number of logs and delete the oldest logs above that number, set AutoDeleteMoreThanMaxLogsOnExit to Keep a maximum number of logs.

• To customize the number of logs, use this setting to specify the threshold.

• If there are greater than the specified threshold number of logs, the oldest logs are deleted when the endpoint exits.

Automatically delete endpoint service logs older than a specified number of days.

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service automatically delete logs older than a specified number of days, set this to Delete old logs.

• To customize the number of days, use the setting AutoDeleteOldLogsThreshold.

• Any logs older than the specified number of days are deleted when the endpoint service shuts down (or restarts).

The number of days to retain endpoint service logs.

• By default, all endpoint service logs are retained until they are manually deleted.

• To have the endpoint service automatically delete logs older than a specified number of days, set AutoDeleteOldLogsOnExit to Delete old logs and specify the number of days in this setting.

• Any logs older than the specified number of days are deleted when the endpoint service shuts down (or restarts).

The name of the previous log file.

• Specify the name of the previous log file.

• This value is used to determine if a new log must be created (when current log name is different than last log name).

The path for saved log files.

• Specify the path in which to save log files.

• The default value is the user profile folder \Identity Finder\logs

Disable the use of the Clear Logs buttons to delete existing logs.

• To disable the "Clear Logs" button to delete existing logs, set this value to "Disable delete".

Disable the use of the Use Default button to reset the log path.

• To disable the "Use Default" button to reset the log path, set this value to "Disable reset".