Views:

Threat Events

Event Category
Details
Event Status
Antispyware
Spyware/Grayware detections exceed
i-status-yellow-wfrm.png: The detected spyware/grayware count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Threats unresolved
i-status-red-wfrm.png: Displays the number of endpoints infected with spyware/grayware that the managed product was unable to completely clean and may require the customer to perform additional action
Antivirus
Real-time Scan disabled
i-status-red-wfrm.png: Security Agents with Real-time Scan disabled cannot protect endpoints from virus/malware in newly created or executed files
Threats unresolved
i-status-red-wfrm.png: Unsuccessful actions indicate that a virus or malware has successfully circumvented antivirus defenses and has infected the endpoint.
Note
Note
Remote Manager assumes that computers with an unsuccessfully cleaned, quarantined, or deleted virus or malware are infected.
Virus detections exceed
i-status-yellow-wfrm.png: The detected virus/malware count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Application Control
Application Control violations exceed
i-status-yellow-wfrm.png: The detected Application Control violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Behavior Monitoring
Behavior Monitoring violations exceed
i-status-yellow-wfrm.png: The detected Behavior Monitoring violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Data Loss Prevention
Data Loss Prevention incidents exceed
i-status-yellow-wfrm.png: The detected Data Loss Prevention incident count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Device Control
Device Control violations exceed
i-status-yellow-wfrm.png: The detected Device Control violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Network virus
Network virus detections exceed
i-status-yellow-wfrm.png: The detected network virus count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Outbreak Defense
Outbreak Defense enabled
i-status-yellow-wfrm.png: Outbreak Defense enabled on desktop/server platforms in response to abnormal threat activity
Outbreak Defense disabled
i-status-yellow-wfrm.png: Outbreak Defense disabled on desktop/server platforms and normal network conditions restored
Predictive Machine Learning
Unknown threat detections exceed
i-status-yellow-wfrm.png: The detected unknown threat count exceeds the configured threshold within 1 hour (as configured on the managed product console)
URL Filtering
URL violations exceed
i-status-yellow-wfrm.png: The detected URL Filtering violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Web Reputation
URL violations exceed
i-status-yellow-wfrm.png: The detected Web Reputation violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)
Suspicious Objects
Suspicious Object detections exceed threshold
i-status-yellow-wfrm.png: Suspicious Object detections exceed the specified number within the specified time period.

System Events

Event Category
Details
Event Status
Smart Protection Services
Agents disconnected
i-status-red-wfrm.png: Security Agents cannot connect to the Smart Protection Network
Update
Outdated agents
i-status-red-wfrm.png: Security Agents with outdated patterns after two hours of antivirus pattern release exceeded threshold