Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CB ThreatHunter: Why are facet percentages not complete in some edge cases?

CB ThreatHunter: Why are facet percentages not complete in some edge cases?

Environment

  • CB ThreatHunter Web Console: All Versions

Question

Why is the facet percentage under filters on the investigate page showing a percentage other than 100%? e.g. 99.6%

Answer

Facet percentages are an approximation derived from a sample of the process documents returned in the search result.

Additional Notes

  • The denominator in facets is always the number of process documents 
  • The facet is the percentage of process documents that have the given value stored in them based on the search value

Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
287
Contributors