Local Scan Disabled or Version not yet reported
search cancel

Local Scan Disabled or Version not yet reported

book

Article ID: 290839

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Windows Endpoints Signature Status will display a grey icon with a Local Scan Disabled or Version not yet reported message in the Console.

Environment

  • Carbon Black Cloud Windows Sensor: All Supported Versions 
  • Windows:  All Supported Versions

Cause

  • The Endpoint OS is not Windows
  • The "Local Scan" Policy Option "Allow Signature Updates" is "disabled"
  • The "Local Scan" Policy Option "On-Access File Scan Mode" is "disabled"

Resolution

  1. Ensure Allow Signature Updates is enabled
  • Enforce -> Policies -> Select Policy -> Local Scan -> Allow Signature Updates
  • The AV signature pack update will complete with time.

       2. Set On-Access File Scan Mode to either Normal or Aggressive. 
       3. If the problem persists, run the command from an elevated command prompt on each endpoint.

c:\program files\confer\repcli.exe localScanner updateSignature


 

Additional Information

  • If only Allow Signature Updates is enabled, Sensors will continue to download and install updates but will not report them to the Cloud unless the On-Access File Scan Mode option is enabled.
  • Once On-Access File Scan Mode is enabled Sensors will check-in and begin reporting the currently-installed version again.
  • Disabling On-Access File Scan turns off the Local Scanner and it no longer reports Signature Version information to the Console.
Powered by Wolken Software