Create an exception

When you create an exception to a rule, you prevent the rule from being applied to one or more nodes. If you run a scan while the exception is active, the compliance score of the rule is excluded from the overall compliance score of any specified nodes.

Exceptions are typically temporary with a specified expiration date and time. However, you can create an exception with no expiration date or time.
  1. Click Scans > Scan reports and select a scan to which you want to add an exception.
  2. On the Scan report page, on the Rules tab, locate the rule for which you want to create an exception. Click View report.
  3. On the Scan report: Rule performance page, next to the rule name, click View rule detail.
  4. On the Rule detail page, click Create exception and follow the exception creation workflow:
    1. Select a profile and, optionally, a custom profile. Click Next.
    2. Select one or more nodes to which the exception will apply. Click Set expiry.
    3. Optionally, set an expiration date, time, and time zone. Click Add details and review.
    4. Provide a name and reason for the exception.
    5. Optionally, for audit or tracking purposes, you can specify the name of the person who approved the exception and the associated ticket number, if applicable.
    6. Click Save exception and exit.
    Alternatively, you can create an exception by going to the Security Compliance Management navigation pane, clicking Exceptions and then clicking How do I create an exception?
What to do next
Optionally, to see how the exception affects the compliance score, run a scan.