About Matthew Franks

Matthew Franks · 09-24-2025

There is no way to achieve this through the UI, but you can use the /v1/computers/{connector_guid}/trajectory API endpoint. More information is available here:https://developer.cisco.com/docs/secure-endpoint/v1-api-reference-computer/Thanks, Matt

Matthew Franks · 08-20-2025

Looks like we made a change early last month for this. The previously applied exclusions should work with no changes but any new changes would require the update. -Matt

Matthew Franks · 08-20-2025

@Ken Stieers CSIDL_PROGRAM_FILES/Cisco/AMP seems to work just fine in my environment. CSIDL_BASEDIR as in your photo looks like it needs a / at the end to be taken. You can see the same with FOLDERID. Thanks, Matt

Matthew Franks · 08-05-2025

Hey Javier, You didn't specify where you were viewing the verdict so I had to guess but I checked File Trajectory and the events page and can see it loading the verdict. If you're still not seeing it could you provide more information please? Thanks...

Matthew Franks · 07-29-2025

1. When you exit using the CSE Icon it just closes out the User Interface process. 2. The protection offered by CSE continues without the User Interface visible. Hope that helps, Matt

Member Since	‎03-09-2015 05:59 AM
Date Last Visited	‎11-26-2025 04:14 AM
Posts	328
Total Helpful Votes Received	276

User Statistics

User Activity

Re: Cisco AMP - Is there a way to preserve the device trajectory event

Re: CSIDL_BASEDIR Path Exclusion?

Re: CSIDL_BASEDIR Path Exclusion?

Re: File Verdict Not Loading for File

Re: What does the "End" in the Cisco Secure Client icon mean