Symantec Endpoint Detection and Response (SEDR) doesn't have process events for certain applications or folders
search cancel

Symantec Endpoint Detection and Response (SEDR) doesn't have process events for certain applications or folders

book

Article ID: 175063

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

You open an application on a client machine but you cannot find the Endpoint Activity Recorder process event in the EDR appliance Web Interface.

Cause

  • There is a file or folder Recorder exclusion in the Global settings on the EDR appliance.
  • There is a file or folder SONAR policy exclusion in Symantec Endpoint Protection (SEP).

Resolution

Removing the exclusion will start generating process events when you open those applications.

Powered by Wolken Software