Jump to content

10885 beta


stapp
 Share

Recommended Posts

  • 3 weeks later...
On 5/20/2021 at 10:24 PM, JeremyNicoll said:

Does that facility only work through the website thing?  And does the website store info about customers' incidents on your server, or interrogate (online only) PCs when it wants to build a display?

The EDR feature is only available in Emsisoft Management Console. (EMC)

Detection incidents are sent to EMC as they happen. There is not much sense to do that when required for reporting or actions, as devices can be offline;

image.thumb.png.9ad52c8611ba19c06c9bd61335474737.png

 

Link to comment
Share on other sites

@Frank H - ok.  I don't use the EMC but I have the impression that my edr.db3 file is growing in size.  I copied it (because EAM has it in use) and then opened the copy in an SQLite inspection utility.  It seems to contain a copy of the (expected) detections from my last custom scan (some zipped backups of old mail files contain some infected mails which are always found when I do custom scans that include zips).  I note that the data is keyed just on an incrementing counter but includes detection time & date ... which suggests that the same set of detections might get added to the tables concerned every time they are found by successive custom scans.  Is this edr.db3 file going to grow large and need pruned in some way?   

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...