If you trust a file, file type, folder, or a process that Windows Security has detected as malicious, you can stop Windows Security from alerting you or blocking the program by adding the file to the exclusions list.
Cloud Logging receives log entries through theCloud Logging API where they pass throughthe Log Router. The sinks in the Log Router check each log entryagainst the existing inclusion filter andexclusion filters that determine which destinations, includingCloud Logging buckets, that the log entry should be sent to. You can usecombinations of sinks to route logs to multiple destinations.
The routing behavior for each sink is controlled by configuring theinclusion filter and exclusion filters forthat sink. Depending on the sink's configuration, every log entry received byCloud Logging falls into one or more of these categories:
For any new sink, if you don't specify filters, all logs match and are routed tothe sink's destination. You can configure the sink to select specific logs bysetting an inclusion filter. You can also set one or more exclusion filtersto exclude logs from the sink's destination.
The sink's exclusion filters override any of its defined inclusion filters.If a log matches any exclusion filter in the sink, then it doesn't match thesink regardless of any inclusion filters defined. The log entry isn't routedto that sink's destination.
When you create a sink, you can setmultiple exclusion filters. Exclusion filters let you exclude matching logentries from being routed to the sink's destination or from being ingested byCloud Logging. You create exclusion filters by using theLogging query language.
Log entries that aren't routed to at least one log bucket, either explicitlywith exclusion filters or because they don't match any sinks with aLogging storage destination, are also excluded fromError Reporting. Therefore, these logs aren't available to helptroubleshoot failures.
Sink exclusion filters don't apply to user-defined log-based metrics. Even ifyou exclude logs from being ingested by Cloud Logging API and the logs aren'tstored in any Logging buckets, you could see those logs countedin these metrics.
Over twenty-five years ago, in 1986, Congress amended the Freedom of Information Act (FOIA) to provide special protection for three categories of particularly sensitive law enforcement records. For these three specifically defined categories of records, Congress provided that federal law enforcement agencies "may treat the records as not subject to the requirements of [the FOIA]." 5 U.S.C. 552(c). These provisions, which are referred to as "exclusions" provide protection in three limited sets of circumstances where publicly acknowledging even the existence of the records could cause harm to law enforcement or national security interests.
The first exclusion protects against disclosure of a pending criminal law enforcement investigation where there is reason to believe that the target is unaware of the investigation and disclosure of its existence could reasonably be expected to interfere with enforcement proceedings. The second exclusion, which applies only to records maintained by criminal law enforcement agencies, protects against disclosure of unacknowledged, confidential informants. The third exclusion, which applies only to the FBI, protects against disclosure of foreign intelligence or counterintelligence, or international terrorism records, when the existence of those records is classified.
The exclusions address three especially sensitive situations arising in the criminal law enforcement or national security context where invoking an exemption will not afford adequate protection because the very act of citing the exemption confirms the existence of the protected records. At the same time, using a "Glomar" response, i.e., a response where the agency neither confirms nor denies the existence of the records, is not viable or practicable because it would need to be applied to a broad range of requests in order to be effective, which would greatly limit the FOIA's access provisions. Indeed, when Congress amended the FOIA to include exclusions, the "neither confirm nor deny" response was already in existence and used by agencies for certain categories of requests. As is explained in the guidance issued by former Attorney General Meese addressing the 1986 amendments to the FOIA, it was because the Glomar response "inadequately protects against the particular harms in question that the more delicate exclusion mechanism, which affords a higher level of protection, sometimes must be employed." The exclusions themselves describe the three narrow categories of records where a "neither confirm nor deny" response would not be adequate.
If the agency were to respond by saying it could neither confirm nor deny the existence of records, i.e., provide a Glomar response, it would have to answer that way for all requests where someone asked for records on themselves, because a Glomar response is not effective unless it is used for all similar requests. That, in turn, would mean that the vast majority of requesters seeking records on themselves would receive Glomar responses, even though the chance that any particular requester was the target of an investigation covered by an exclusion would be extremely low.
To avoid both of these scenarios, exclusions authorize the agency to "treat the records as not subject to the requirements of the [FOIA]." This permits an agency to respond to a request seeking excluded records without revealing their existence, while also allowing the agency to respond to the vast majority of requests in the traditional manner, i.e., by advising the requester whether records exist, and if they do, by releasing any information that is not exempt and asserting exemptions for any material properly protected from disclosure.
In another example, if a criminal enterprise suspected it was infiltrated by an informant, it could try to uncover the suspected informant by using the FOIA. The enterprise could require the suspected informant to provide a privacy waiver and then could make a FOIA request to a law enforcement agency such as the FBI seeking any records on that individual. The submission of the privacy waiver would preclude the criminal law enforcement agency from using a privacy-based Glomar response. Without the exclusion, the law enforcement agency which was working with that informant in the criminal enterprise would be in an untenable position. Invoking Exemption 7(D), which protects confidential informants, would tip off the criminal enterprise that indeed it had been infiltrated. To address just such a scenario, the second exclusion removes criminal law enforcement informant records from the requirements of the FOIA, when they are requested by a third party, thereby providing protection for the confidential informant.
For all three exclusions, the records are removed from the requirements of the FOIA only during the time that the specific requirements of each exclusion are met. Thus, once the target of a criminal law enforcement investigation becomes aware of the existence of the ongoing investigation, the first exclusion would no longer apply. Similarly, once a confidential informant's status as an informant has been officially confirmed the second exclusion would no longer apply. Finally, when the existence of FBI foreign intelligence, counterintelligence, or international terrorism records is no longer classified, the third exclusion would not apply.
Since 1987, agencies have handled records excluded under these provisions according to the publicly available guidelines issued by Attorney General Meese. The Meese Guidance provided, among other things, that where the only records responsive to a request were excluded from FOIA by statute, "a requester can properly be advised in such a situation that 'there exist no records responsive to your FOIA request.'" The Meese Guidance also stated that it was "essential that all agencies that could potentially employ at least one of the three exclusions ensure that their FOIA communications are consistently phrased accordingly." Otherwise the protection afforded by the exclusion could be "undermined, even indirectly, by the form or substance of an agency's actions." These practices laid out in Attorney General Meese's Guidance have governed agency practice for more than twenty-five years.
The Department has examined those past practices governing use of exclusions to determine whether there are ways to bring greater accountability and transparency to the existence and use of exclusions in the FOIA without compromising the important national security and law enforcement interests that are at stake. As a result of that review, the Department has determined that there are a series of steps that agencies should take going forward that will achieve these goals.
This guidance is intended to provide greater transparency and accountability to a distinct aspect of the FOIA, which while used in a very limited number of cases, is expressly part of the FOIA statute and is necessary to protect vital law enforcement and national security interests. Using this multi-layered approach to implementing the FOIA's statutory exclusion provisions will ensure that the public is better informed about the existence of records that are "excluded" or outside the requirements of the FOIA.
The new reporting requirement contained in Chief FOIA Officer Reports will allow the public to readily see the extent to which exclusions are employed each year and by which agencies. The description of exclusions on agency websites will further increase public understanding of this distinct part of the law. Lastly, this new approach ensures that requesters to law enforcement components where excluded records might exist are advised that there are records outside the requirements of the FOIA and that such records are not part of the agency's response. At the same time, because the notification will be included in any response made by a criminal law enforcement component, its inclusion will not reveal in any specific case whether excluded records were located or not. In its totality this new approach will ensure greater transparency and accountability in the handling of statutory exclusions. 041b061a72