I am looking for the option to disable the logging of all blocked traffic for HIPS in ePO (we only want logging set on certain exceptions) but i can't for the life of me find where the option is to do this in the policies. In the HIPS console the option i am referring to is under the Activity Log tab, then Traffic Logging. does anybody know where i set this in ePO please?
It's not currently an option. The minimal default size is 1MB, with an option to increae it to 999MB. If you tried to change the value to 0 for Activity log size in the Client UI / Troubleshooting policy, it will revert back to 1 when you save the policy. (refer to KB59968 in the McAfee Knowledge Base) You should file an FMR for this functionality.
If you don't want users to see your traffic, You can disable viewing of the HIP ClientUI tray icon.