Looking at my threat event dashboard I have tons of file modified events. 90% contain an acceptable file path that I do not care to monitor. "C:\Program Files (x86)\Launcher\Processing\Data\" There are multiple folders with path. What is the most efficient way to reduce these events from reaching the ePo server and prevent throttling?
Solved! Go to Solution.
Hi @jr31313
Thank you for reaching out McAfee Community.
Based on the query, this looks like the events that you wish not to monitor are filling up the database.
We might needed additional logs to investigate on the failure.
I request you to raise an SR and provide us with MER or Gatherinfo logs and we can see what is the issue in detail.
Was my reply helpful?
If yes, please Give me a Kudo.
If I have answered your query, kindly mark this as solution, so together we help other community members
Hi @jr31313
Thank you for reaching out McAfee Community.
Based on the query, this looks like the events that you wish not to monitor are filling up the database.
We might needed additional logs to investigate on the failure.
I request you to raise an SR and provide us with MER or Gatherinfo logs and we can see what is the issue in detail.
Was my reply helpful?
If yes, please Give me a Kudo.
If I have answered your query, kindly mark this as solution, so together we help other community members
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA