Using 'Purge Threat Event log by Query' ignores Maximum Items setting
Last Modified: 2023-08-07 10:35:53 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Using 'Purge Threat Event log by Query' ignores Maximum Items setting
Technical Articles ID:
KB93209
Last Modified: 2023-08-07 10:35:53 Etc/GMT Environment
ePolicy Orchestrator (ePO) 5.10.x, 5.9.1
Problem
A server task configured to Regardless of the limit defined, all results included in the query are unexpectedly purged via the ePO Server Task. Cause
The maximum items limit isn't passed to the SQL delete statement.
SolutionHotfixes are created to address specific issues and are not posted publicly, but are available by contacting Technical Support.
Workaround
To define the filters manually, do the following:
Affected ProductsLanguages:This article is available in the following languages: |
|