Hello,
Thanks for reaching out to the Broadcom Community.
Assuming you are using the On Prem SEPM Manager, you could try to add a blocking rule set to logging for the following Hardware Device:
Portable Device - Class ID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
But in general you would need to identify the Class ID associated with your device in order to add it to our product.
For more information about identifying the Class ID / Device ID for a given device see this link:
https://knowledge.broadcom.com/external/article/151386/use-devviewer-to-find-hardware-device-id.html
Kindly test this out first before applying this ruleset to all of Production.
If this doesn't solve the issue, and you want to look into other available options then kindly open a case with Support to investigate further.
Thanks,
Russ_V
Original Message:
Sent: May 15, 2025 05:40 AM
From: ERDINC YILDIZ
Subject: Log files written to MTP devices
We are currently monitoring files written to usb storage devices. But MTP devices like tablets do not appear as storage device. Is there a way to log files written through MTP?