If you get a false alarm for a sandfly against a host, you can easily make that sandfly no longer run against it for future scans by using the whitelist. At the top of the alert view is the whitelist button. Click this button and confirm your decision. From that point forward that sandfly will not run on that host again, but will run on all your other hosts.
Once you select to whitelist an alert, it will show as follows.
Updated 2 months ago