logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Cb Response: Discrepancy On Watchlist Run Time and Results Last Update Time on Watchlist Page

Cb Response: Discrepancy On Watchlist Run Time and Results Last Update Time on Watchlist Page

Environment

  • Cb Response Server: 6.X

Question

Why on watchlist page, the last run time of watchlist on the left panel has a big discrepancy than the last up time of processes on the right panel?

Answer

  • The left side only updates when there is a new process instance match found by watchlist search cron job. 
  • The right side is a live process search. Like you do a query search on Process Search page. When you click on the watchlist name, system runs a live process search and present you results. A process instance has start time and update time. The process got started at one timestamp, and when it has a new event we give it an update time. So the UPDATE time you are seeing is the last time this process instance has a new event. 

Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎09-10-2018
Views:
478
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.