Jump to content

Manually Clearing Detection Database and Stats?

Recommended Posts


I can't seem to find information on how to manually clear the detection list and statistic in ERA. I've seen FAQs stating there is a "Clean Up" now button but I can't seem to find it. I know I can lower the logging down but I'd like to run it on demand.

Last night, we had a workstation with a Kali Linux ISO on it and the system reported 1000+ detections that we would like to remove from the statistics.


Link to comment
Share on other sites

  • Administrators

We recommend using Resolved and Not resolved states for detections that you have already dealt with and were resolved. You can use a filter, e.g. to filter out already resolved detections.

Link to comment
Share on other sites

6 hours ago, Marcos said:

We recommend using Resolved and Not resolved states for detections that you have already dealt with and were resolved. You can use a filter, e.g. to filter out already resolved detections.

Thanks for the information. I'm aware of filtering but is there a way to manually clear them out of the database? My statistics are all skewed. I have about 10 times more detections (which are false) on one workstation than I do the entire network. Or, can I just change "clean incident logs over than" to 1 day and after they clear out change it back to the previous setting?

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...