Environment
- Carbon Black Cloud Console: All Versions
- Microsoft Windows: All Supported Versions
- Audit and Remediation:July 2020 Backend Update
- Linux: All Supported Versions
- Apple MacOS 10.10+
- Carbon Black Cloud Windows Sensor: 3.3 and Higher
- Carbon Black Cloud MacOS Sensor: 3.3 and Higher
- Carbon Black Cloud Linux Sensor: 2.3 and Higher
Question
When running a live query on endpoints, the results seems to not be querying all of the endpoints in the environment.
Answer
As of July 2 there were changes made on the backend to allow more results. VMware Carbon Black recently made a change to calculate the estimate of potential pool of devices on which the query can run whether you’ve selected a policy or All endpoints. Previously the estimate was number of devices that has checked in last in the last 2 hours. With the recent change that last check in time window was increased to 7 days.
Related Content
