Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Microsoft Windows: All Supported Versions

Objective

Check to see what drivers are installed and their elevations to determine if one security software is detecting an event before another

Resolution

Run CMD as Administrator
FLTMC filters
- Each filter level driver will be listed with its elevation
- Lower elevations will see an event before higher elevations
- If a file is deleted by a lower level elevation driver then a higher elevation driver may not see that file

Knowledge Base

All Products: How To Check Filter Level Drivers and Elevation

All Products: How To Check Filter Level Drivers and Elevation

Environment

Objective

Resolution

Related Content

App Control

Audit and Remediation

Carbon Black Cloud

Container

EDR

Endpoint Standard

Enterprise EDR

Hosted EDR

Managed Detection

Managed Detection and Response

Prevention

Workload

Knowledge Base

All Products: How To Check Filter Level Drivers and Elevation

All Products: How To Check Filter Level Drivers and Elevation

Environment

Objective

Resolution

Related Content

Thank you for your feedback.

Thank you for your feedback.