Replies: 2 comments
-
|
Hi, thanks for reporting, you aren't doing anything wrong, I need to update the CSV parsing logic in the app because some of the field names were changed in the past few months in the exported CSV files of MDE advanced Hunting. I'll release a new update very soon to fix it. |
Beta Was this translation helpful? Give feedback.
-
|
I just released a new version of AppControl Manager that fixes this issue completely and adds future proofing. Thanks again for reporting it. 🙏🏻 Release notes -> https://github.com/HotCakeX/Harden-Windows-Security/releases/tag/AppControlManager.v.1.5.1.0 You can use the built-in updater to install the new version. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hello
I make the following query in Advanced huntig, as documented:
DeviceEvents
| where ActionType startswith “AppControlCodeIntegrity”
or ActionType startswith “AppControlCIScriptBlocked”
or ActionType startswith “AppControlCIScriptAudited”
I export the logs and then have the .csv file.
When I then load the logs into Create policy from MDE Advanced Hunting, I always get the following error message:
What am i doing wrong?
Very grateful for help
Beta Was this translation helpful? Give feedback.
All reactions