[KB8542] Reduce false positive detections in ESET Inspect and ESET Inspect On-Prem

Solution

  1. Log into ESET Inspect.

  2. Click Dashboard > Executables.

  3. Under Problematic executables, sort the Unresolved column in descending order to see the executables that are responsible for the most detections.

  4. Right-click the top executable and select Detections.

  5. Select a rule and click Create exclusion.

  6. Click Criteria, select Process path starts with and Cmd. line contains and define the current process. We recommend using generic attributes such as folders, signatures, and command line options. Avoid using hashes in exclusions.

  7. Click Rules. Ensure Auto-resolving is selected to have all future detections resolved. Enabling this option will also resolve all past detections matching this exclusion.

  8. Click Targets > Assign. Select the computers or groups the exclusion should apply to and click OK.

  9. Click Summary. Verify all the settings for this exclusion and click Create exclusion.

  10. Repeat the process on other false positives until exclusions are created for most outlier detections.

  11. In the left side panel, click More > Tasks to view the progress of the resolving task. Depending on the size of your database, this could take several hours or days.
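
The recommendation in step 6 (generic attributes instead of hashes) can be checked against sample data before an exclusion is created. The following is an added example, not ESET code and not ESET Inspect's matching engine: a small Python model in which every criterion that is set must hold and comparisons are case-insensitive (both assumptions), with constructed detections and hypothetical product names and paths.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Detection:
    path: str
    cmdline: str
    sha1: str

@dataclass(frozen=True)
class Exclusion:
    path_prefix: str = ""        # models "Process path starts with"
    cmdline_contains: str = ""   # models "Cmd. line contains"
    sha1: str = ""               # hash criterion, discouraged in step 6

    def matches(self, d: Detection) -> bool:
        # Assumption: all criteria that are set are ANDed, case-insensitively.
        if self.sha1 and self.sha1.lower() != d.sha1.lower():
            return False
        if self.path_prefix and not d.path.lower().startswith(self.path_prefix.lower()):
            return False
        if self.cmdline_contains and self.cmdline_contains.lower() not in d.cmdline.lower():
            return False
        return True

FOLDER = "C:\\Program Files\\BackupTool\\"   # hypothetical install folder

# Constructed detections for one rule (hashes are dummy values).
DETECTIONS = [
    Detection(FOLDER + "agent.exe", "agent.exe --nightly-sync", "a" * 40),
    # Same job after a product update: identical path and arguments, new hash.
    Detection(FOLDER + "agent.exe", "agent.exe --nightly-sync", "b" * 40),
    # Same binary used for a different action that should still be reviewed.
    Detection(FOLDER + "agent.exe", r"agent.exe --restore D:\out", "b" * 40),
    # Same file name and arguments, but started from an unexpected folder.
    Detection(r"C:\Users\Public\agent.exe", "agent.exe --nightly-sync", "c" * 40),
]

BY_HASH = Exclusion(sha1="a" * 40)
BY_PATH_ONLY = Exclusion(path_prefix=FOLDER)
BY_PATH_AND_CMD = Exclusion(path_prefix=FOLDER, cmdline_contains="--nightly-sync")

def resolved(excl: Exclusion) -> list[int]:
    """Indexes of the sample detections this exclusion would auto-resolve."""
    return [i for i, d in enumerate(DETECTIONS) if excl.matches(d)]

if __name__ == "__main__":
    for name, excl in [("hash", BY_HASH), ("path only", BY_PATH_ONLY),
                       ("path + cmd line", BY_PATH_AND_CMD)]:
        print(f"{name:16} resolves detections {resolved(excl)}")
```

In this model the hash exclusion stops matching after the update, the path-only exclusion also hides the restore action, and the combined criteria resolve only the recurring job while the copy in the unexpected folder stays visible.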