search cancel

MEMEXTRACT errors in Endpoint Detection and Response Cloud

book

Article ID: 174461

calendar_today

Updated On:

Products

Endpoint Detection and Response Cloud

Issue/Introduction

While reviewing the Dissolvable Agent Server (DAS) logs or scan results, you may see memextract errors regarding files not found.

Artifact retrieval failed (Directory did not exist \\10.102.103.193\ADMIN$\MEM_EXDIR) / (endpoint tool failed \\10.10.10.13\ADMIN$\OutlierCollectorService) code: 0]]

Cause

This is caused when the memory space expected to be present no longer exists. When the DAS goes to collect the data, it doesn't exist if there were no results.

Resolution

It is not expected that all memory can be accessed, and still exists after the initial detection of its presence. It is expected to see these errors.

Attachments