So it appears I have a user that has not had their laptop on the network for awhile to connect to the Endpoint server and all of the sudden it is flooding DLP with incidents. I have checked over all of my incidents and I cannot locate who or what system is generating the incidents.
So, I see incidents coming in right now that occured at a different date. Is there anyway I can see what incidents are coming in now even if it occured on a different date without knowing the exact date?