ESM Request Monitor - Expiration time

… and another question… sorry.
On the ESM Request Monitor, can i change the expiring time? or after the standard action has been taken, still change the action? lets say a request by a process has expired and started in the sandbox. now i would like to mark it as safe/trusted. in the request monitor i can not find anything to do so after it expired.

You can change the request expiring time in CIS Configuration Editor.
E.g. for changing Sandbox requests expiring time:

  1. Right-click on endpoint in Computers Tree
  2. Select Internet Security - Configuration - Custom…
  3. Open Sandbox settings
  4. In Alerts Settings section change Request Timeout value
    In the same way you can change AV, FW and D+ requests timeout values in corresponding settings sections of Configuration Editor.
    Request action cannot be changed after it was taken. But if you don’t want a program to run in Sandbox, you can open Configuration Editor - Sandbox - Files, remove it from files, then open Defence+ - My Safe Files List and add this program to Safe files.

great… thanks for the quick reply.

just noticed something else: ESM or COU is greating a huge amount of xxxx.tmp files in ‘\local setting\temp’ now in 5 or 6 days abot 12 gig (19.000 files if i remember right). ???

This problem was solved in the latest COU version. You can get it here: