Skip to content
CrowdStrike Developer Center

sensor_visibility_exclusion

This resource allows you to manage sensor visibility exclusions in the CrowdStrike Falcon Platform.

Sensor visibility exclusions stop all sensor event collection, detections, and preventions for the specified file paths. Use with extreme caution as malware or attacks will not be recorded, detected, or prevented in excluded paths.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • Sensor Visibility Exclusions: READ
  • Sensor Visibility Exclusions: WRITE

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}
resource "crowdstrike_sensor_visibility_exclusion" "group_exclusion" {
  value          = "/tmp/test-transition-1/*"
  apply_globally = true
}

Schema

Section titled “Schema”

Required

Section titled “Required”
  • value (String) The file path or pattern to exclude from sensor visibility. Use wildcards (*) for pattern matching.

Optional

Section titled “Optional”
  • apply_globally (Boolean) Whether to apply the exclusion globally to all host groups. Cannot be used together with host_groups.
  • apply_to_descendant_processes (Boolean) Whether to apply the exclusion to all descendant processes spawned from the specified path. Defaults to false.
  • host_groups (Set of String) A set of host group IDs to apply this exclusion to. Cannot be used together with apply_globally.

Read-Only

Section titled “Read-Only”
  • created_by (String) The user who created the exclusion.
  • created_on (String) The timestamp when the exclusion was created.
  • id (String) The unique identifier for the sensor visibility exclusion.
  • last_modified (String) The timestamp when the exclusion was last modified.
  • last_updated (String) The RFC850 timestamp of the last update to this resource by Terraform.
  • modified_by (String) The user who last modified the exclusion.
  • regexp_value (String) The regular expression representation of the exclusion value.
  • value_hash (String) The hash of the exclusion value.

Import

Section titled “Import”

Import is supported using the following syntax:

Terminal window
# Sensor visibility exclusions can be imported using their ID
terraform import crowdstrike_sensor_visibility_exclusion.example 12345678-1234-1234-1234-123456789012
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use