Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Environment

Enterprise EDR Console: All Versions

Symptoms

Investigate page is set to "Group by hash", but several processes of the same name / hash are listed individually

Cause

The current logic to group hashes will not group any processes that are tied to a watchlist hit or with child processes

Resolution

The current behaviour is by design. Future work will improve the logic to include watchlist events and events with children - DSER-25387

Article Information

Author:

Creation Date:

‎02-11-2021

Views:

397

Knowledge Base

Enterprise EDR: Group by Hash not working on Process Analysis page

Enterprise EDR: Group by Hash not working on Process Analysis page

Environment

Symptoms

Cause

Resolution

Carbon Black Cloud

Enterprise EDR

Knowledge Base

Enterprise EDR: Group by Hash not working on Process Analysis page

Enterprise EDR: Group by Hash not working on Process Analysis page

Environment

Symptoms

Cause

Resolution

Carbon Black Cloud

Enterprise EDR

Thank you for your feedback.

Thank you for your feedback.