EDR: SRS Threat Feed Creating Many Alerts
Article ID: 285730
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
SRS Threat feed is creating many feeds starting on 9/15/2020
Environment
- EDR Server: All Versions
Cause
An update to the feed was made some systems that sent in incorrect dates into Alliance.
Resolution
No steps needed by the consumer.
Additional Information
- Systems seeing this at one point sent in an incorrect timestamp and now feeds reports are updating correctly
- Because some systems sent in incorrect timestamps, they may not get updated with threat reports and an alert could be missed. A manual adjustment within Alliance to correct these timestamps was made to make sure alerting is continuing
- Once the feeds have fully synchronized and run, the alerts will quiet down.
Feedback
Yes
No
Powered by
