Jump to content

How to clear out threat alerts in ERAS 6


Recommended Posts

I believe the only way to "clear" the logs is to rescan the devices. In your case, you may need to create an exclusion for the false positive, wait for the policy to update across your devices, and then do another scan.

Link to comment
Share on other sites

Within the 'computers' view the threat badges have cleared.  Under the 'Threats' tab the console still shows all of the false positives.  Wondering how to clear that out.  Wondering at this point if the Threats tab is basically considered an archival log and I would need to delete my logs?

 

Also, exclusions don't work for me.  I've excluded the directory where the Endpoint product is saying there's an 'unwanted application', done a rescan multiple times and it still pops up. I had to completely turn off Enable detection of potentially unwanted applications, Enable detection of potentially unsafe applications, and Enable detection of suspicious applications in my policy to get it to stop. 

So as far as i can tell exclusions are broken in ERAS 6

Link to comment
Share on other sites

  • Administrators

To clear the number of active threats reported by ERA, the following conditions must be fulfilled:

- the scan must be run from ERA

- in-depth scan profile must be used

- no active threats must be found.

 

That said, the easiest way how to accomplish that is running a scan from the Threats pane or from the Computers pane but in this case you'll need to make sure that cleaning is enabled.

Link to comment
Share on other sites

  • 1 month later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...