Who is this article for?
CrashPlan for Enterprise, no.
Code42 for Enterprise, yes.
CrashPlan for Small Business, no.
This article applies to Code42 cloud environments.
The Endpoints Not Reporting Security Events tile of the Endpoint dashboard shows you how many devices are not sending file event data to Code42. This article gives examples of what you can do to resolve endpoints that are in a warning or critical state:
- Warning: Endpoints not reporting security events for at least 4 days.
- Critical: Endpoints not reporting security events for at least 10 days.
- To resolve endpoints that are not reporting security events, you must have roles that provide the necessary permissions. We recommend you use the roles in our use case for managing a security application integrated with Code42.
Why endpoints appear on this graph
An endpoint may not send security events for several reasons, including:
- The endpoint has been turned off for more than 4 days. Common reasons include:
- The endpoint's owner is on vacation.
- The endpoint is a lab or training machine that is offline or not used frequently.
- The endpoint is no longer in use (for example, the employee left the company or received a new device).
- The Code42 app cannot establish a network connection to the Code42 cloud.
- The Code42 app is not running properly. For example:
- A recent upgrade left the Code42 app in an inoperable state.
- The Code42 service has been disabled on the endpoint.
- The endpoint is idle and there is no file activity to generate security events.
- File Metadata Collection was just enabled in your Code42 environment. Upon first enabling File Metadata Collection, you may see many devices in a warning or critical state. As Code42 starts receiving events from the new endpoints, the number of endpoints in a warning or critical state will decrease.
Resolve endpoints in a warning or critical state
To resolve endpoints in your Code42 environment in a warning or critical state for not reporting events to Code42, follow the steps below.
Step 1: Export the list of endpoints
- Sign in to the Code42 console.
- Select Administration > Dashboards > Endpoint.
- On the Endpoints Not Reporting Security Events tile, select either Warning or Critical.
- Click any bar on the graph to open the data summary table for that day. (To ensure you export endpoints currently in a warning or critical state, click the most recent date.)
- Click Export.
A CSV file of all affected endpoints for that day is downloaded to your device. The CSV file lists the username, hostname, health status of the device, and the number of days since the last file activity was recorded.
Step 2: Troubleshoot each endpoint
- Open the CSV file downloaded in Step 1.
- Using the username and hostname columns, identify the owner of the endpoint.
- Check with the employee's manager to determine if the device is in use and expected to be online.
- If the device is still active:
- Test the network connection on each endpoint to ensure it can connect to the Code42 cloud.
- Check the status of the Code42 app via your device management tool (such as SCCM or Jamf) to verify the Code42 service is enabled.
- If the device is no longer in use, deactivate it in the Code42 console.
- If the device is still active: