deny list

deny list


A filtering rule that excludes one or more members from a set. For example, you can use deny list rules to tell a forwarder which files not to consume when monitoring directories, or you can use a deny list rule with the deployment server to filter out a certain deployment client.

You can combine deny list rules with allow list rules, which tell the Splunk platform which members of a set to allow in order to achieve precise filtering.

Deny list rules override allow list rules.

The term "deny list" replaces the term "blacklist", which is no longer in use. Both terms refer to the same functionality.

For more information

In Getting Data In:

In Updating Splunk Enterprise Instances: