Carbon Black Cloud Console: Alert results for specific device do not match browser search results with all alerts due to alert grouping

Article ID: 289477

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

  • When grouping is enabled, some of the alerts for a specific endpoint do not appear in the results
  • Filtering results by the device name returns more results

Environment

  • Carbon Black Cloud Console: .72 and Above

Cause

When alert grouping is enabled, the description of a grouped alert may not match what is returned for a specific endpoint's alert.

Resolution

  • This is behaving as designed
  • To find alerts specific to an endpoint
    • Filter by the device name / ID to return all device results
    • Turn off 'Group alerts' so each alert is listed individually