Audit and Remediation: What Impact Is There Running a Registry Query Across Large Set of Devices?
Carbon Black Cloud Console: All Versions
Carbon Black Cloud Windows Sensor: All Supported Versions
What impact would there be of using Audit and Remediation to read a registry key on a large set of devices?
There is no impact to endpoint or console performance when running a query like this. There is a 10k row limit in the console. Utilizing the Export feature button or by leveraging the API will allow to retrieve all records.
The query remains active for seven days, so if an offline server comes back online then it will pick up the query and run it if that happens in the seven day window.