search cancel

During Event data Backups on SEDR, no new clients are Enrolled

book

Article ID: 252782

calendar_today

Updated On:

Products

Endpoint Detection and Response

Issue/Introduction

When performing an Event data backup on a large SEDR Appliance, you notice that no new clients get enrolled and SEPM group changes are not reflected until the backup is finished, sometime hours or days later.

Cause

This is the current product design. While event data backups are running, the SEPM gathrer process is halted to prevent and new data from extending the backup time.

Resolution

It is recommended that you use the configuration backup rather than the Event data backup wherever possible. Capturing the event data is better served via SIEM integration.

Additional Information

SEDR-91580