Jump to content

Exclusions not working


droezel
 Share

Recommended Posts

We're test driving Enterprise Inspector and at the moment I have more than 250 clients sending events to EEI, off course there's a lot of noise and I'm adding exclusions for normal application behaviour. 

I'm noticing that a lot of my exclusions do not work and the events that I want to exclude are just showing up again. 

Example exclusion for Process from SysWOW64 started by unpopular process [a0416]

628708098_2018-09-2710_26_40-Clipboard.png.6c21070f18f4c8c9513dddc532cab58d.png

And still the event keeps showing up as warning: 

958350664_2018-09-2710_28_41-AlarmDetails-ESETEnterpriseInspector.png.596ff1b35ff29e770b7b62a99f90e4bd.png

The signer and computernames match up, so I don't see any reason why... Any way to troubleshoot this? 

Link to comment
Share on other sites

  • ESET Staff

Thank you for reporting the problem. It turned out that we have a bug, which blocks this from working correctly. The bug will be fixed in the next release.

As a workaround, you can mark globalzpo.exe as safe in Executables View. This should silence this rule.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...