Excessive events during Sophos (Windows) definition update
Issue Sophos updates are causing the Parity Agent to send many events to the Parity server for files that have not changed during the update. This adjustment should be made with any customer running Sophos in a "high volume" situation (such as updates occurring every 5 minutes, or large numbers of Parity Agents). Symptoms An excessive amount of events are generated due to Sophos updates. Some environments have seen upwards of 7-9 million events generated.
Cause Internal Bit9 property must be updated to properly update Sophos. Solution An internal server setting needs to be adjusted. Please contact Bit9 Support citing this solution number (309) for assistance.