CB Defense: Why Does Audit Log Show Requests to All Endpoints When Using Delete All From Malware Removal?
book
Article ID: 286419
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
When using 'Delete All' from Malware Removal in CB Defense, why does the audit log show request to all endpoints instead of only target systems that have the files being deleted?
Environment
Carbon Black Defense Sensor: All Supported Versions
Carbon Black Defense PSC Console: All Supported Versions
Resolution
The 'Delete All' functionality in the Malware Removal feature needs to send out a request to every endpoint in the environment because CB Defense does not keep a catalog of file inventory on each endpoint.