I am looking for information/explanation for something I am seeing in the Incident Manager.
Specifically, I've noticed that some incidents record with a blank Computer IP. This doesn't happen too often. In fact, since February of this year there have been ~59000 incidents and only 111 have a blank Computer IP value.
However, this can be an issue for the other Admins that review DLP Dashboards that have been set up to filter based on Computer IP. If they have had incidents on systems they manage with a blank computer IPs, it will not show up in their queries.
Compared to the total number of incidents a very low percentage have had this issue. However, the individuals I make these dashboards for to review tend to complain mightily if even one thing is left out.
My question is 1.) What causes the Computer IP value to be recorded as blank (None) in the Incident Manager and 2.) Is there anyway of mitigating this from occurring in the future?
Appreciate the input. I just checked the ePO extensions and 126.96.36.199 is indeed the version of DLP we're using currently. In the images you linked though, I'm not sure what you're trying to show me. In the case of what I see in our Incident Manager; the table (first screen shot) lists Computer IP as "None" and the Incident view (second screen shot) will actually not list Computer IP. As in no label, just Computer Name, User Name, etc.
Just to double check; I'm assuming there's no other option to mitigate this from happening other than updating the extension to 11.4.200?
Also, is there any place where this is written down as a 'Known Issue'? Such as a KC article or such. Something to present to the people above me to make them aware of this.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.