Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

Endpoint Standard Sensor: All Supported Versions
Carbon Black Cloud: All Supported Versions
Apple macOS: All Supported Versions

Question

How does the sensor suppress events in order to reduce event noise?

Answer

To avoid excessive traffic, the repetitive, similar, events are suppressed, not reported to the cloud.
The suppression interval for process creation events is six hours.

Related Content

PSC: Does the sensor suppress network events for UDP port 137/138 netbios traffic?
CB Defense: Notifications Not Shown in Local Sensor UI

Article Information

Author:

Creation Date:

‎08-21-2020

Views:

484

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.