SONAR Configuration for Host File change
On our SEPM, under SONAR settings
DNS change = log
HOST FILE change = log
result: we keep receiving single risk notification for microsoft svchost.exe and other applications.
Question: is the hostfile SONAR referring to is the one on C:\Windows\System32\drivers\etc??
or is there any other hostfile location?