Evidence File Link is not available on some incidents
Last Modified: 2023-04-13 19:08:24 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Evidence File Link is not available on some incidents
Technical Articles ID:
KB93072
Last Modified: 2023-04-13 19:08:24 Etc/GMT Environment
Data Loss Prevention (DLP) Endpoint - all supported versions DLP Prevent - all supported versions DLP Monitor - all supported versions DLP Discover - all supported versions For supported environments, see: Problem
When you view a DLP incident, the link to download the associated evidence file is not available. The rule that generated the incident is correctly configured to generate an evidence file. The evidence file link is available in other incidents generated by the same rule.
Cause
The size of the file that generated the incident is larger than the Maximum Evidence File Size setting in the Client Configuration policy. The default value of this setting is 25 MB.
Solution
Adjust the Maximum Evidence File Size value to accommodate larger file sizes. To modify the Maximum Evidence File Size value:
Affected ProductsLanguages:This article is available in the following languages: |
|