Question
What takes precedence when you're using deny lists and allow lists?
Example:
agent: dotnet: app_pool_denylist: DefaultAppPool,DefaultAppPool2 app_pool_allowlist: DefaultAppPool3,DefaultAppPool4 application_denylist: App,App2,App3 application_allowlist: App4,App5
Answer
Allowlist takes precedence over denylist.
App pool filtering is evaluated before application filtering. If an app pool is filtered out, the agent will never even get to the application filtering stage.
In this example, the deny lists are redundant and could be removed, since anything not in the allow lists will be denied.