Views:

The Security Agent generates logs when it detects viruses and malware and sends the logs to the server.

  1. Go to one of the following:
    • Logs > Agents > Security Risks

    • Agents > Agent Management

  2. In the agent tree, click the root domain icon () to include all agents or select specific domains or agents.
  3. Go to the Virus/Malware Log Criteria screen:
    • From the Security Risk Logs screen, click View Logs > Virus/Malware Logs.

    • From the Agent Management screen, click Logs > Virus/Malware Logs.

  4. Specify the log criteria and then click Display Logs.
  5. View logs. Logs contain the following information:

    Item

    Description

    Date/Time

    The time the detection occurred

    Endpoint

    The endpoint on which the detection occurred

    Security Threat

    The name of the security threat

    Infection Channel

    The channel the threat originated from

    Infected File/Object

    The location of the file/object on the endpoint

    Scan Type

    The scan that detected the threat

    Result

    The result of the action taken

    Note:

    For more information on scan results, see Virus/Malware Scan Results.

    IP Address

    The IP address and port number of the source endpoint

    MAC Address

    The MAC address of the infected endpoint

    Details

    A link that displays the detailed analysis for the specific detection

  6. To save logs to a comma-separated value (CSV) file, click Export All to CSV. Open the file or save it to a specific location.

    The CSV file contains the following information:

    • All information in the logs

    • User name logged on to the endpoint at the time of detection