Aug 18 2017
07:08 AM
- last edited on
Nov 30 2021
10:11 AM
by
TechCommunityAP
Aug 18 2017
07:08 AM
- last edited on
Nov 30 2021
10:11 AM
by
TechCommunityAP
Hi,
Quick question that I can't find the answer to. When ATA pops up an alerts for some activity that it found, once the underlying system that created the activity is remediated, how long before the alert will be updated and the activity will removed? So, if I had a server that did some type of DNS reconissance, and I fix the software that created the alert to begin with, when will the alert close for that specific host?
Thanks
Aug 18 2017 08:27 AM
Hi Kevin,
The Suspicous Activities (alerts) do not auto-close. Once you fix the issue, you need to close the suspicous acitvity.