Low Event Count is noticed on EDR (Endpoint Detections and Response) when compared to number of events seen on same EDR with similar amount of enrolled Endpoints in past.

The issue is seen on limited EDR installations and does not necessarily affect all EDR 4.10.x or 4.11.x.
It depends on amount of Events load on EDR. Issue can be confirmed by comparing the number of events .If number of events seen historically on same EDR is higher than current number of events.

EDR 4.10.x, 4.11.x

Database session times out due to multiple services to try to connect databases at same time.

This issue was resolved in SEDR version 4.12.  Broadcom support recommends customers upgrade to 4.12 to receive this fix as well as many others.

If upgrading to SEDR 4.12 is not possible, then the following patches may be installed

• EDR 4.10.0 - HF5
• EDR 4.11.0 HF3

Installing patches for the on-prem SEDR appliance