CB Defense: Why do Console Events show out of order near startup times or waking from sleep mode?

Article ID: 288668

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Why do Console Events show out of order near startup times or waking from sleep mode?

Environment

  • CB Defense PSC Console: All Versions
  • CB Defense Sensor: All Versions
  • Microsoft Windows: All Versions

Resolution

As the Device starts Services and Applications, the CB Defense Sensor prioritizes Policy enforcement over logging, so timestamps may be shown incorrectly.

Additional Information

  • As Services start, there may be Events logged before the Sensor can enforce Policy
  • To avoid performance impact, these Events may be delayed for upload
  • The Console may show Events with timestamps that fall during the time Policy changes are being applied, causing both Policies to be reported for the Event