Symantec Endpoint Detection and Response (SEDR) doesn't have process events for certain applications or folders
Article ID: 175063
Endpoint Detection and Response
You open an application on a client machine but you cannot find the Endpoint Activity Recorder process event in the EDR appliance Web Interface.
- There is a file or folder Recorder exclusion in the Global settings on the EDR appliance.
- There is a file or folder SONAR policy exclusion in Symantec Endpoint Protection (SEP).
Removing the exclusion will start generating process events when you open those applications.