Troubleshooting
Problem
Filtering the endpoints page of the Hive dashboard does not show search results when multiple endpoints are picked up.
Cause
The filter on the endpoints page of the Hive dashboard is implemented with AND logic, so all results shown must be true, because one endpoint cannot match multiple endpoint names. Therefore, when filtering multiple endpoints, the search results will not be displayed.
Environment
QRadar EDR manage users
Resolving The Problem
Currently, this feature can search only one endpoint. Our development team may consider to extend the feature in the future with one of the following.
- Display a popup indicating that the search filter uses AND logic.
- Add "OR" and "NOT" logic, similar to the Threat Hunt feature, to enable filtering with multiple conditions.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSOO77","label":"IBM Security QRadar EDR"},"ARM Category":[{"code":"a8m3p000000PCPsAAO","label":"Support"},{"code":"a8m3p0000000rbnAAA","label":"Support-\u003EAdministration Task"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
02 August 2024
UID
ibm17162057