CB ThreatHunter: How to filter out data with unknown event type counts
Article ID: 290307
Updated On:
Products
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
Filter out data that contains an (unknown) field for the event type count e.g. regmods, filemods, etc.
Environment
- CB ThreatHunter Console: All Versions
Resolution
On the investigate page within the ThreatHunter console use the following search syntax
- -legacy:true
Feedback
Yes
No
Powered by
