The SEDR appliance console does not display some Targeted Attack Analytics (TAA) incidents
search cancel

The SEDR appliance console does not display some Targeted Attack Analytics (TAA) incidents

book

Article ID: 192197

calendar_today

Updated On:

Products

Advanced Threat Protection Platform Endpoint Detection and Response

Issue/Introduction

When reviewing TAA incidents it is noted that some TAA incidents are not displayed in the Symantec Endpoint Detection and Response (SEDR) console.

Resolution

  1. Verify that TAA incidents are being received by opening the command prompt on a SEP client and running
    start cmd /k echo TAA-EICAR
  2. If no TAA incidents are generated after 1 hour, reboot the appliance and repeat step #1
  3. Should step 2 not resolve the issue, please collect a diagnostics (https://knowledge.broadcom.com/external/article/179389) and open a case with Symantec Technical Support
Powered by Wolken Software