Exclude short domain names

[snowman386]

Some internals systems we have prever the dns short/unqualified name. It would nice to be able to exclude them from sending alerts. We have a domain exclusion but it does not work for these even if the short name resolves to a fqdn in our domain through the dns client.

[adhintz]

Thanks for the feedback. A couple questions to clarify what you're experiencing:

1. Are you excluding domains in the Chrome extension configuration using whitelist_top_domains in the managed policy, or in your App Engine app are you marking the domains as Allowed or Mute?
2. What type of domains do your users see in their browser's address bar when they log into the site? Something like http://internal/ or https://internal.example.com/ or something else?

[snowman386]

I am talking about domains whitelisted in the client (gpo). We exclude domain.com. It works for http://internal.domain.com as expected but we get triggered alerts if a user goes to http://internal

I don't see any way to exclude those.

Thanks

[adhintz]

Thanks for the details. If you add "internal" to whitelist_top_domains, then any domain that ends in "internal" should be whitelisted, such as http://internal

Does that work for you?

[snowman386]

Yes I am aware I can do that but not really what I was hoping for. I would prefer to be able to exclude all short names. I cannot prevent my users from using http://serverX instead of http://serverX.domain.com. It would require a lot of whitelist maintenance to add each server to the whitelist.

[adhintz]

Oh -- that makes sense, now I understand. Thanks for the clarification.