bblair, Posted Tuesday at 05:35 PM

Not sure what to make of this alert. We have about 8 for a group of our servers, but there doesn't appear to be any contextual info or what the dll is or what it did.
itman, Posted Tuesday at 06:48 PM

Based on the alert, it appears it is for a malware detection database delete for something that occurred 3 months ago.
Marcos (Administrators), Posted Tuesday at 07:19 PM, Solution

Correct. The event occurred 3 months ago so details are not available any more. According to https://help.eset.com/ei_cloud/en-US/?limitations.html:

- The retention period for raw events is seven days. Older records are moved permanently.
- The retention period for detections is 31 days. Older records are moved permanently.
- Detection is not removed if added to an incident.
bblair (Author), Posted Wednesday at 11:52 AM

Thank you, this is massive and I was wondering why events kept saying "purged from database" so the events never seemed to contain useful information. I'll bring this up to the powers that be as a reminder for why 24/7 monitoring of this is important. Thanks again!