Endpoint search results in multiple SHA256 hashes for the same file
Article ID: 210123
Updated On:
Products
Endpoint Detection and Response
Issue/Introduction
You perform an endpoint search for a file. The search results consists of multiple SHA256 hashes for the same file.
Cause
This issue occurs because SEP forwards the alternate data streams for the file to Symantec EDR.
Resolution
All reported SHA256 hashes for the file are valid.
Feedback
Yes
No
Powered by
