CB Protection: How to add 'health_check_exclusions' parameter for WinDefend service
search cancel

CB Protection: How to add 'health_check_exclusions' parameter for WinDefend service

book

Article ID: 290107

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

How to add 'health_check_exclusions' parameter for WinDefend service.

Environment

  • CB Protection Agent: Version 8.1.0.3324 (Patch 1) - 8.1.0.3546 (Patch 2)
  • Microsoft Windows 10

Resolution

  1. Load the Agent Config page: https://<servername>/agent_config.php
  2. Locate the 'health_check_exclusions' parameter to confirm if there is an existing value, perform appropriate step below: 
    1. If there is an existing health_check_exclusions property, append following string by adding a separating comma:
      ,*Service[WinDefend]*running with improper classifications*
    2.  If there is no existing health_check_exclusions property, define new property as follows: 
a. Name: Suppress Service[WinDefend] health check alert 
b. Value: health_check_exclusions=*Service[WinDefend]*running with improper classifications* 
c. Host Id: 0 (for all agents) 

Additional Information

  • Adding this 'health_check_exclusions' parameter will suppress Agent(s) from reporting events similar to:
Cb Protection Agent detected a problem: The Service[WinDefend] State[4] Pid[1118] is running with improper classifications
  • Health check messages related to WinDefend service will be addressed in version 8.1.6 Release (EP-6972).