Skip to main content

Bitdefender B2B Help Center

Raw Events

Raw Events helps you filter which events GravityZone processes. The settings on this page are applicable at company level.

gz_cl_pt_raw_events_en.png

This feature becomes available in the Configuration tab if you have the following:

  • GravityZone Business Security Enterprise or Bitdefender EDR Cloud license

  • One of the storage add-on licenses: GravityZone EDR 90 days Data Retention Add-on, GravityZone EDR 180 days Data Retention Add-on, or GravityZone EDR 365 days Data Retention Add-on

  • EDR or XDR module enabled

Events are collected from available endpoints. You can then send them to one feature at a time: either to a SIEM, to Search, or to MDR.

To enable or disable events, follow these steps:

  1. Select the event types from the grid.

  2. Click Change status.

  3. Select either Enable or Disable.

  4. Click Accept.

Note

The changes you make on this page do not affect endpoints that have the following policy option enabled: Policies > General > Security Telemetry.

For more information on which events are sent to the Control Center and which are ignored, which events are aggregated and how, refer to Raw Events processing rules.