# Settings You can configure `parameters`, `exclusions`, and `matching rules` for the `Share Audit` module with the `Settings` page. ### General Settings You can configure `Max Depth`, `Max File Size`,`Number of Characters Before Match` ,`Number of Characters After Match`,`Extensions`, and `Exclusions` with `General Settings`.

Setting	Description
Max Depth	Specifies the maximum folder depth that the Share Audit module will process.
Max File Size - KB	Specifies the maximum size of files that the Share Audit module will process.
Extensions	Specifies the file extensions that the Share Audit module will process.
Exclusion	Specifies the IP addresses that the Share Audit module will not process. Input can be an IP Address, CIDR, Range notation, or defined as General to exclude specific shares and folders.
Number of Characters Before Match	Specifies the number of characters to include before the matching pattern in the processed data.
Number of Characters After Match	Specifies the number of characters to include after the matching pattern in the processed data.

### Matching Rules #### Inclusion Rule Each matching rule is designated as an `Inclusion`. You can create matching rules with `Name`, `Status`, `Severity`, `IP Range`, `Folder Path Regex`, `File Name Regex`, and `File Content Regex` parameters.

Setting	Description
Name	Name of the matching rule.
Severity	Risk level of matching rule.
Is Active	Status of the rule.
IP Range	Specifies the IP range of the machines to be scanned. IP range can be specified in formats such as 10.10.10.10, 8.8.8.8/24, or 6.6.6.6.20-82. If this field is empty, all machines will be scanned.
Folder Path Regex	Specifies the paths to be scanned based on the regex pattern. If this field is *`.`** all folders will be scanned.
File Name Regex	Specifies the name of the files to be scanned based on the regex pattern. If this field is *`.`** all files will be scanned.
File Content Regex	Specifies the regex pattern used to search for secrets in files. If this field is *`.`** all data will be matched.

#### Exclusion Rule Each matching rule can have multiple `Exclusion Rules` to filter the output. You can create exclusion rules with `Name`, `IP Range`, `Folder Path Regex`, `File Name Regex`, and `File Content Regex` parameters.

Setting	Description
Name	Name of the exclusion rule.
Is Active	Status of the exclusion rule.
IP Range	Specifies the IP range of the machines to be excluded. IP range can be specified in formats such as 10.10.10.10, 8.8.8.8/24, or 6.6.6.6.20-82. If this field is empty, all machines will be excluded.
Folder Path Regex	Specifies the paths to be excluded based on the regex pattern. If this field is *`.`** all folders will be excluded.
File Name Regex	Specifies the name of the files to be excluded based on the regex pattern. If this field is *`.`** all files will be excluded.
File Content Regex	Specifies the regex pattern used to exclude content. If this field is *`.`** all data will be excluded.

#### Example This matching rule finds the passwords between `SQLSRV1.forestall.labs` and `SQLSRV100.forestall.labs`. Machines between `SQLSRV15.forestall.labs` and `SQLSRV33.forestall.labs` and matches containing `password=WqkgtnA134j` are excluded from the rule.

### Built-in Rules and Descriptions **.venv:** Excludes Python virtual environment directories. These paths contain third-party dependencies and are not relevant for credential discovery. **node\_modules:** Excludes Node.js dependency directories. Automatically downloaded packages may cause noise and false positives. **WindowsApps:** Excludes system-managed Windows application directories. These paths do not provide meaningful credential exposure findings. **Cortana:** Excludes Cortana-related system folders. These directories are not relevant for credential discovery analysis. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.forestall.io/fsprotect/credential-discovery/settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.