Knowledge Base

Yes

Environment

Enterprise EDR Web Console: All Versions

Symptoms

Using Regular Expression (Regex), search for netconn_domain:/@~(sampledomain.com)/ in Process Analysis page, the result displays with events associated with sampledomain.com domain.

Cause

The cause of the issue is currently unknown

Resolution

The issue is under investigation by VMware Carbon Black Team.

Additional Notes

As part of workaround, use the below commands:

-netconn_domain:sampledomain.com
NOT nectonn_domain:sampledomain.com

Either of the above command will display events by excluding events associated with sampledomain.com domain. (Expected result)

Knowledge Base

Enterprise EDR: Regex search not working for netconn_domain

Enterprise EDR: Regex search not working for netconn_domain

Environment

Symptoms

Cause

Resolution

Additional Notes

Related Content

Carbon Black Cloud

Enterprise EDR

Knowledge Base

Enterprise EDR: Regex search not working for netconn_domain

Enterprise EDR: Regex search not working for netconn_domain

Environment

Symptoms

Cause

Resolution

Additional Notes

Related Content

Carbon Black Cloud

Enterprise EDR

Thank you for your feedback.

Thank you for your feedback.