Environment
- Carbon Black Cloud Windows Sensor: All Supported Versions
- Windows: All Supported Versions
Symptoms
Windows Endpoints Signature Status will display a grey icon with a Local Scan Disabled or Version not yet reported message in the Console.
This is a article attached image
Cause
- The Endpoint OS is not Windows
- The "Local Scan" Policy Option "Allow Signature Updates" is "disabled"
- The "Local Scan" Policy Option "On-Access File Scan Mode" is "disabled"
This is a article attached image
Resolution
- Ensure Allow Signature Updates is enabled
- Enforce -> Policies -> Select Policy -> Local Scan -> Allow Signature Updates
- The AV signature pack update will complete with time.
2. Set On-Access File Scan Mode to either Normal or Aggressive.
3. If the problem persists, run the command from an elevated command prompt on each endpoint.
c:\program files\confer\repcli.exe localScanner updateSignature
Additional Notes
- If only Allow Signature Updates is enabled, Sensors will continue to download and install updates but will not report them to the Cloud unless the On-Access File Scan Mode option is enabled.
- Once On-Access File Scan Mode is enabled Sensors will check-in and begin reporting the currently-installed version again.
- Disabling On-Access File Scan turns off the Local Scanner and it no longer reports Signature Version information to the Console.
Related Content