Oui, j'ai besoin d'une solution
I have applied exceptions of one of applicaiton in symantec and policy is synched with the endpoint so exclusions are in place.
while running the process monitor I am still seeing the symantec (IRON.DB) file is still interacting with the executable files which already excluded.
otdoccnv.exe 16992 QueryStandardInformationFile C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4112.4156.105\Data\IRON\Iron.db
C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4112.4156.105\Data\IRON\Iron.db
And the same for indexengine processes and admserv.exe
C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4112.4156.105\Data\IRON\Iron.db
And the same for indexengine processes and admserv.exe
otdoccnv.exe, admserv.exe and indexengine processes are under the same path which are excluded already why *.exe process would access to this Symantec Endpoint protection iron.db file?