Seem to be having difficulties excluding all the different places and ways users are accessing some of our tools.
I had made prior channel filter exclusions that seemed to be working as well as http ones but am continually adding to these as we had some tenant changes with 0365 etc.
I have and influx of cloud hits for our sharepoint sites as well as our one drive.
I do only wish to exclude our corporate one drive and not something someone might have installed and be using with personal accounts.
Right now I am seeing incidents created with OneDrive.exe as well as EXCEL.exe and a sharepoint site that I already added to the excluded list. Trying to keep ‘private’ information and sorporation so hope the blackouts do not interfere with assistance (images attached)
Is there somewhere else I ened to make these exclusions for this endpoint activity?
In https I have -*xnamexgroup-my.sharepoint.com/*
and assorted ways that the home paths are listed for onedrive, example
%HOMEPATH%OneDrive – xxx Group*