logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: How Does EDR Calculate Host Uptime and Sensor Uptime?

EDR: How Does EDR Calculate Host Uptime and Sensor Uptime?

Environment

  • EDR: All supported versions
  • Hosted EDR: All Versions

Question

How does EDR calculate Host Uptime and Sensor Uptime? 

 

Answer


Sensor Uptime
  • Sensor Uptime is updated by OS API when the sensor checks in. The value is not necessarily cleared when the sensor goes offline.
  • So it is a representation of the information known about the uptime of the endpoint at the last point in time when the sensor was online and connected to the console.
  • This is not information that is collected and uploaded to the console independent of the sensors online status.
  • A machine that is "offline" and unable to communicate with the primary node will not update the "uptime" information in the console.

Host Uptime
  • EDR pulls uptime from OS API.

Related Content


Labels (2)
Labels:
Tags (3)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎08-16-2023
Views:
211
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.