The Falcon platform will show a maximum of how many detections per day for a single Agent Identifier (AID)?
The Falcon platform will show a maximum of how many detections per day for a single Agent Identifier (AID)?
The Falcon platform will show a maximum of 1000 detections per day for a single Agent Identifier (AID). This limit is set to ensure manageability and prompt investigation if detections exceed this threshold, indicating a potential issue requiring attention.
DO NOT go by wildbandana!! Right in the doc " The console displays up to 1,000 detections per day for a single Agent ID" Anser is 1000 or C .
Wildbandana is trolling every single one of these questions.
Answer is C, 1000 Refer to the document , Falcon Documentation > Endpoint Security > Endpoint Monitoring > Endpoint Detection Monitoring (Legacy) section : How detections are recorded The console displays up to 1,000 detections per day for a single Agent ID. If there are more than 1,000 detections for a host, it’s a clear indication that it should be investigated.
1000 detections per pattern per host per day.