Threat Hunting tab does not show expected activity events

If the Threat Hunting tab does not show expected activity events after installation, perform the following troubleshooting steps:

Check which Collectors group the triggering device belongs to.
Check the Threat Hunting Collection profile assigned to this group and make sure the profile includes the activity events you are searching for in the Threat Hunting tab.
If the profile includes the activity events but the Threat Hunting tab still does not show them, check the installation status of the Threat Hunting repository by running the kubectl get pods -n edr2-onprem command in the Threat Hunting repository console.
Verify the status is Running for all entries. See example below. Otherwise, reinstall the Threat Hunting repository.

Threat Hunting tab does not show expected activity events

If the Threat Hunting tab does not show expected activity events after installation, perform the following troubleshooting steps:

Check which Collectors group the triggering device belongs to.

Check the Threat Hunting Collection profile assigned to this group and make sure the profile includes the activity events you are searching for in the Threat Hunting tab.

If the profile includes the activity events but the Threat Hunting tab still does not show them, check the installation status of the Threat Hunting repository by running the kubectl get pods -n edr2-onprem command in the Threat Hunting repository console.

Verify the status is Running for all entries. See example below. Otherwise, reinstall the Threat Hunting repository.

Administration Guide

Threat Hunting tab does not show expected activity events

Threat Hunting tab does not show expected activity events

Threat Hunting tab does not show expected activity events