I was wondering why my site is always displaying the "endpoints need attention". I cleaned up the computers. I did many full scans after and all of them said Protected and did not show any infected files anymore. But in my console I see the "endpoints need attention, last threat on 11-16-2016 (2 days before)" for the same 2 computers. Is there a way to reset in the console so that they are now viewed as protected?
I don't know if you understand my issue...<
Best answer by coscooper
@audreylaliberte - This is a common question and the short answer is, they usually take a few days to cycle. If your policy poll setting is 24 hours (daily), then it could take up to 72 hours to clear at the site/GSM level. it's not going to be instant, so give it a few days. Just know, the endpoint is in good shape and has been remediated.
Keep in mind, there's really nothing you need to do once a machine has reported a threat. The WSAB agent has already remediated the file (put it in quarantine), rolled back any changes the file potentially performed and rescanned the machine for additional remnants and/or references.