Endpoint Standard API Connector: Duplicate API alert query results showing different CREATE_TIME
Article ID: 285305

Products

Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Duplicate alert results returned by the API show different CREATE_TIME values.

Environment

  • Endpoint Standard API Connector
  • Endpoint Standard Sensor: All Versions

Cause

This is a known sensor issue in which cross-process events are not handled correctly by event suppression. The backend picks up the extra events and correctly alerts on them.

Resolution

This will be resolved in a later version of the Endpoint Standard Sensor.

Additional Information

This is being tracked in Engineering as UAV-1655.