Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Audit and Remediation: What Impact Is There Running a Registry Query Across Large Set of Devices?

Audit and Remediation: What Impact Is There Running a Registry Query Across Large Set of Devices?

Environment

  • Carbon Black Cloud Console: All Versions
  • Carbon Black Cloud Windows Sensor: All Supported Versions

Question

What impact would there be of using Audit and Remediation to read a registry key on a large set of devices?

Answer

There is no impact to endpoint or console performance when running a query like this. There is a 10k row limit in the console. Utilizing the Export feature button or by leveraging the API will allow to retrieve all records.

Additional Notes

The query remains active for seven days, so if an offline server comes back online then it will pick up the query and run it if that happens in the seven day window.

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎09-13-2022
Views:
207
Contributors