App Control: Trusted Directory Stops Crawling After Allow Write Rule is Added
search cancel

App Control: Trusted Directory Stops Crawling After Allow Write Rule is Added

book

Article ID: 288798

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • After an Allow Write type rule is added, files are no longer approved by the trusted directory crawler.
  • Disabling and enabling trusted directory approves the file.

Environment

  • App Control Agent: 8.x
  • App Control Server: 8.x
  • Trusted Directory Enabled

Cause

The Allow Action exits all rule groups, including the rule in which the crawler is sent the metadata.

Resolution

  1. Edit the Allow Write rule
  2. Change the type to Expert
  3. Uncheck the Allow operation leaving the Finish Rule Group
  4. Save the rule
  5. Wait till the device becomes up to date on its ConfigList
  6. Test copying a file to the trusted directory
Powered by Wolken Software