Hi,
I don't want to see processes that are legitimate. Is it possible to whitelist processes so that they don't appear in the uncommon processes?
Thanks in advance,
Brit
No one is available to respond to my question?
Please help me out.
Thanks, Brit
@bmbrit are you asking about the "Uncommon Processes" view for a host/s? If so, you can add a filter to the page. The concept of whitelisting wouldn't apply here, as that is just showing what is potentially uncommon, and bubbling it up to the user in a dedicated view.
Thanks,
James
Thanks for your response, @jamesspi
I was under the impression that the "Uncommon Processes" view for the Host/s can be whitelisted under the "Administration => Trusted Application".
We are seeing applications (our own product) that I want to whitelist and do not want to see in the uncommon process. As our clients, get a little confused to see why the products application process to be seen in "Uncommon Processes".
Anyway, I misrelated these two terms "Uncommon Process" and "Trusted Applications". Hope I can explain them better.
Thanks again for your response, appreciate it!!
Brit
Thanks for clarifying @bmbrit .
Trusted applications refers to our our Endpoint Security integration for Elastic Agent. Any trusted application added will get ignored by the Endpoint Security integration, specifically for Malware detection/prevention.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.