SEDR configuration import is missing some items

search cancel

SEDR configuration import is missing some items

book

Article ID: 420947

calendar_today

Updated On:

Products

Endpoint Detection and Response Endpoint Detection and Response Hardware Endpoint Detection and Response with Email Endpoint Protection with Endpoint Detection and Response

Issue/Introduction

After importing a Symantec Endpoint Detection and Response (SEDR) appliance configuration file, you notice some items weren't included.

Environment

SEDR 4.9 and newer

Cause

By design some items are not included in the SEDR configuration export.

Resolution

The following items are not included in a SEDR configuration export:

SEPM Controller password
Endpoint search history
Executed reports
Uploaded files
Certificates:
- SEPM Controller certificate
- MS SQL Server database certificate
- Splunk server certificate
- EDR appliance console SSL certificate
OAuth clients
Single sign-on configuration settings
Incident Rule states

Additional Information

Symantec EDR configuration settings files:
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-detection-and-response/4-10/Settings/Symantec-EDR-configuration-settings-files.html

Feedback

thumb_up Yes

thumb_down No