Elasticsearch, APM Server, Metricbeat 6.5.1 and Symantec WS.Reputation.1

(Behnam B) #1

The newest version of Elasticsearch, APM Server, and Metricbeat (v 6.5.1) causes Symantec to issue a WS.Reputation.1 and quarantine/delete the following .exe files:


The symantec configurations are locked by our central security admin so I can not turn off Insight or exclude these folders from being scanned. Are there any other options? Is there plans to add these to Norton's trusted list?

(David Turner) #2

Thanks for letting us know. I've raised this with the wider team. Unfortunately false positives are a fact of life with this kind of security tool. I'm not sure what the next steps will be at this stage.

(system) closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.