1 Reply Latest reply on May 14, 2017 4:06 PM by catdaddy

    Differences for the result of Threat Handled  = 0 or 1

    ohiotech

      Community Support, As I understand the result of "threat_handled="1" is to mean that the threat was not correctly handled. Or meaning that the file was not successfully deleted. So, in the case of "threat_handled="0", is this to mean (always) that the threat was correctly handled in all event code cases? I'm reading the ePO database using dbconnect with Splunk and want to be sure that I can authoritatively  state that I can ignore results if the threat handled is zero.

       

      Thanks in advance,

       

      Ohiotech