In the Carbon Black EDR console, you can toggle the collection of fileless script load events per sensor group. This is disabled by default.
Procedure
- In the Event Collection Settings section, select the checkbox for Fileless script loads.
In the Carbon Black EDR console, you can toggle the collection of fileless script load events per sensor group. This is disabled by default.