Jump to content

10885 beta


stapp
 Share

Recommended Posts

9 minutes ago, stapp said:

Would still like to know what the EDL folder is for in Emsi ProgramData

it's EDR and it is a folder that contains a database used for an upcoming cool feature.

Link to comment
Share on other sites

41 minutes ago, Frank H said:

it's EDR and it is a folder that contains a database used for an upcoming cool feature.

So it's top secret ? :ph34r:

Will it be able to be used by single users?

Link to comment
Share on other sites

29 minutes ago, stapp said:

So it's top secret ? :ph34r:

Will it be able to be used by single users?

Not so Topsecret :ph34r:, but you will know early next week when it will be released, and sure it will be usable by single users.

Link to comment
Share on other sites

  • 3 weeks later...

Ah.  Does that facility only work through the website thing?  And does the website store info about customers' incidents on your server, or interrogate (online only) PCs when it wants to build a display?

Link to comment
Share on other sites

On 5/20/2021 at 10:24 PM, JeremyNicoll said:

Does that facility only work through the website thing?  And does the website store info about customers' incidents on your server, or interrogate (online only) PCs when it wants to build a display?

The EDR feature is only available in Emsisoft Management Console. (EMC)

Detection incidents are sent to EMC as they happen. There is not much sense to do that when required for reporting or actions, as devices can be offline;

image.thumb.png.9ad52c8611ba19c06c9bd61335474737.png

 

Link to comment
Share on other sites

@Frank H  Thanks for the info.  So ... useful for anyone managing multiple machines, I expect.  But why is there a db on individual machines if the info is sent to EMC?  Is it just to cache that info until there's next an opportunity to send it there?

Link to comment
Share on other sites

@Frank H - ok.  I don't use the EMC but I have the impression that my edr.db3 file is growing in size.  I copied it (because EAM has it in use) and then opened the copy in an SQLite inspection utility.  It seems to contain a copy of the (expected) detections from my last custom scan (some zipped backups of old mail files contain some infected mails which are always found when I do custom scans that include zips).  I note that the data is keyed just on an incrementing counter but includes detection time & date ... which suggests that the same set of detections might get added to the tables concerned every time they are found by successive custom scans.  Is this edr.db3 file going to grow large and need pruned in some way?   

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...