Environment
- CB Protection Server: 7.x and Higher
- Microsoft SQL Server: All Supported Versions
Question
Why Are There Two Timestamp Fields for Events in the Database?
Answer
- When querying the DAS database for event information, there are two timestamp fields for each event:
- Timestamp
- ReceivedTimestamp
- The Timestamp field refers to the date/time the agent saw the event occur on the endpoint.
- The ReceivedTimestamp field refers to the date/time the server/database received that information.
Additional Notes
- When querying the das database, we recommend using the "bit9_public.Ex*" views.
- Time difference between the two fields can vary depending on agent and server backlog.
Related Content