CB Response: Visual Studio boot up time increased
search cancel

CB Response: Visual Studio boot up time increased

book

Article ID: 288007

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Visual Studio boot up time increased with the CB Response Sensor installed

Environment

  • CB Response Sensor: All Versions
  • Microsoft Windows: All Supported Versions
  • Microsoft Visual Studio: All Verions

Cause

Large amount of events from Microsoft Visual Studio

Resolution

  1. Log in to the CB Response Console
  2. Open the sensors page
  3. Create or Update a group with machines experiencing the issue
  4. Under the Sensor Group Settings navigate to Advanced
  5. Select "High" for Suppression level
  6. Save the group

Additional Information

  • Suppression Levels
• None – Sets no data suppression.
• Medium – Some data is suppressed. Process documents that contain only modload events are not recorded.
• High – More data is suppressed. Process documents with only modloads and/or crossproc events are not recorded.
  •  Data suppression may result in false positives in the results of cmdline searches as the childproc command line is appended to the parent process
Powered by Wolken Software