|
|
|
|
|
|
Field
|
Description
|
|---|---|
|
Risk level
|
High, Medium, Low, or User Defined.
|
|
Detected by
|
|
|
Threat type
|
|
|
Threat name
|
Click the listed threat name to get correlated information about
suspicious objects detected in your environment and threat data from the Trend Micro
Smart Protection Network, which provides relevant and actionable intelligence.
|
|
File name
|
The name of the file, if any, for the detection.
|
|
File SHA1
|
The file SHA1, if any, for the detection.
|
|
Policy name
|
The name of the policy applied to the detection.
|
|
Action
|
Monitor or Block.
|
|
Field
|
Description
|
|---|---|
|
Timestamp
|
The latest detection time.
|
|
User name
|
The user name or IP address (if Active Directory Services is not enabled).
|
|
Active Directory domain
|
Active Directory domain information
|
|
Client IP
|
The source for the object.
|
|
Server IP
|
The destination for the object.
|
|
URL
|
The URL of the detected object.
|
|
URL category
|
The URL category of the detected object.
|
|
Protocol
|
The network protocol used for the detected object.
|
 |
NoteIf the detection log can be associated with an existing Virtual Analyzer report, the
section “Virtual Analyzer Report” is shown. If a report does not exist for the selected
detection, the section is hidden.
|
|
Field
|
Description
|
|---|---|
|
Report
|
Provides links to download the Virtual Analyzer HTML and PDF
report.
|
|
Investigation package
|
Provides the link to download the raw investigation package. The
decompress password is 'virus'.
|