Set Users Who will be Skipped for System Configuration File Monitoring

Use this group policy to specify a list of users who can modify any system configuration file and directory without generating an audit trail event when Set monitoring of system configuration files is enabled.

If this policy is set to Not configured, by default, only root is added to this list.

This policy modifies the event.file.monitor.user.skiplist parameter in the agent configuration file.