EDR 4.5
The MDR indexes used by EDR are not functioning properly. This causes EDR to experience problems recognizing that the endpoints are enrolled with the correct policy. As a result EDR tries to distribute new policies which are not needed and can cause the SEPM or endpoints to stop functioning correctly.
The engineering team is committed to resolving this issue and is currently investigating a long term fix.
Solution:
This process is normally taken care of automatically in SEDR 4.5 and newer. It is possible that it does not take place automatically. You can use the following steps to verify whether or not the indexes for MDR are too large. If this process does not work the only resolution at this time is to use the workaround listed above this.
The following steps will require admin level CLI access which is available by default when you connect to EDR via the command line.
PLEASE NOTE: If the above steps do not resolve your issue the solution is to remove the SEPM controller connection, wait 24 hours, and then re-configure the SEPM controller connection.
For information on configuring the SEPM controller connection please visit the documentation page Configuring the SEPM Controller for your version of EDR.