Threat event counts differ depending on the time unit used in a single-line chart query

Technical Articles ID: KB92385
Last Modified: 2023-08-02 06:53:29 Etc/GMT

Environment

ePolicy Orchestrator (ePO) 5.x

Problem

When you modify the default Endpoint Security:Threats detected in the last 7 days report, the total value is different for the hour and day time units.

For example:
For a two-week period, the total shows 4,844 detections when Day is used as a time unit. If you change it to Hour, the total drops to 1,300. The actual data points in the graph are only from the shorter date range and not from the whole two-week period. The chart type selected is Single-Line Chart.

Cause

Both Day and Hour impose a limit on groups of 50. This limit is configured in the Endpoint Security extension.

Solution

This issue is resolved in ePolicy Orchestrator 5.10.0 Update 7, which is available from the Product Downloads site.

NOTE: You need a valid Grant Number to access the update.

To view other known and resolved issues, see KB90382 - ePolicy Orchestrator 5.10.x Known Issues.

Workaround

We investigated this issue and a Proof of Concept (POC) Build is currently available to resolve the issue. To obtain the POC Build, log on to the ServicePortal and create a Service Request. Include this article number in the Problem Description field.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

Threat event counts differ depending on the time unit used in a single-line chart query

Environment

Problem

Cause

Solution

Workaround

Affected Products

Languages:

Title

Title

Knowledge Center

Threat event counts differ depending on the time unit used in a single-line chart query

Environment

Problem

Cause

Solution

Workaround

Affected Products

Languages:

Choose your region

Title

Title