Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
620 Views 1 Reply Latest reply: Apr 1, 2013 10:29 AM by Kary Tankink RSS
greatscott Champion 287 posts since
Jul 18, 2011
Currently Being Moderated

Mar 29, 2013 11:38 AM

Events with "Agent was unable to send advanced details"

Has anyone ever experienced events with the advanced parameter displaying the error "Agent was unable to send advanced details - too much data to display"?  Here is a sample event below. Is anyone aware of the underlying issue that causes this message to be displayed?

 

 

Server ID:XXXX
Event Received Time (UTC):3/7/13 6:58:41 PM
Event Generated Time (UTC):3/7/13 5:36:38 PM
Agent GUID:408CEF64-8754-462B-8D67-198B15C4B06F
Detecting Prod ID (deprecated):HOSTIPS_8000
Detecting Product Name:McAfee Host Intrusion Prevention
Detecting Product Version:8.0.0
Detecting Product Host Name:XXXXX
Detecting Product IPv4 Address:XXXXXX
Detecting Product IP Address:XXXXXXXXXXXXX
Detecting Product MAC Address:XXXXXXXXXXXXXX
DAT Version:
Engine Version:
Threat Source Host Name:
Threat Source IPv4 Address:XXXXXXXXXXXX
Threat Source IP Address:XXXXXXXXXXXX
Threat Source MAC Address:
Threat Source User Name:domain\user
Threat Source Process Name:C:\WINDOWS\EXPLORER.EXE
Threat Source URL:file:///C:\WINDOWS\EXPLORER.EXE
Threat Target Host Name:XXXXXXXXXXXX
Threat Target IPv4 Address:XXXXXXXXXXXX
Threat Target IP Address:XXXXXXXXXXXXXX
Threat Target MAC Address:XXXXXXXXXXXXX
Threat Target User Name:
Threat Target Port Number:
Threat Target Network Protocol:
Threat Target Process Name:
Threat Target File Path:
Event Category:File system
Event ID:18000
Threat Severity:Information
Threat Name:4001
Threat Type:read,execute
Action Taken:Permitted
Threat Handled:false
Analyzer Detection Method:

 

 

 

ePO Reachable True
Executable file description WINDOWS EXPLORER
Executable fingerprint 8b88ebbb05a0e56b7dcc708498c02b3e
In Trusted Network Unknown
Subject Distinguished Name CN=MICROSOFT WINDOWS, OU=MOPR, O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US
Subject Organization Name MICROSOFT CORPORATION
Warning Note Agent was unable to send advanced details - too much data to display.
Workstation Name XXXXXXXXXXXXXX

 

Message was edited by: greatscott on 3/29/13 11:37:51 AM CDT

 

Message was edited by: greatscott on 3/29/13 11:38:22 AM CDT

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points