• Configure VDI plugin to match only SID of the endpoint to existing records and ignore hostname/fqdn when sensor checks in without an existing sensor_id.

• EDR Server: All Versions
• EDR Sensor: All Supported Versions

1. Enable VDI globally by modifying /etc/cb/cb.conf on Primary and Minions and set the following:

NewRegistrationCallbackModulePath=/usr/share/cb/plugins/default_new_sensor_registration_callback_sid.py
NewRegistrationCallbackClassName=DefaultNewRegistrationCallback

2. Make a copy of the default plugin:

cp /usr/share/cb/plugins/default_new_sensor_registration_callback.py /usr/share/cb/plugins/default_new_sensor_registration_callback_sid.py​​​​

3. Edit /usr/share/cb/plugins/default_new_sensor_registration_callback_sid.py​​​​ and replace the content with the following:

from cb.sensor.NewRegistrationCallback import NewRegistrationCallback
from cb.db.core_models import SensorRegistration


class DefaultNewRegistrationCallback (NewRegistrationCallback):

    @staticmethod
    def get_sensor_id(db_session, sensor_reg_request, logger):
        sensor_host_name = sensor_reg_request.ComputerId.ComputerName
        sensor_dns_name = sensor_reg_request.ComputerId.ComputerDnsName
        sensor_sid = sensor_reg_request.ComputerId.ComputerSid
        sensor = db_session.query(SensorRegistration).filter(SensorRegistration.computer_sid == sensor_sid).order_by(SensorRegistration.last_checkin_time.desc()).first()

        if sensor is not None:
            logger.debug("Found sensor id [%d] for hostname [%s @ %s]" % (sensor.id, sensor_host_name, sensor_dns_name))
            return sensor.id
        else:
            logger.debug("Could not find a sensor id for hostname hostname [%s @ %s]" % (sensor_host_name, sensor_dns_name))
            return 0

4. Restart your standalone server or cluster to reflect the configuration change.