Threat Mitigation Log

Logs > Threat Mitigation Log

Whenever Network VirusWall Enforcer attempts to respond to a detection by Threat Discovery Appliance (TDA), it generates an entry in the threat mitigation logs.

A brief description of the options available on this screen is available below.

• Search criteria—specify the criteria for querying log entries.

• • Time period—specify the range of the logs to display.

  • More search criteria—narrow down the query using additional criteria, specifying the IP address range of endpoints, specific endpoint host names, the type of threat event, or the host name of the TDA device

  • Logs per page—select the number of logs to view per page. You can modify this after the results are displayed.

  • Search—click to query the log.

• Query result—displays the result of the query and provides additional actions that you can perform in response to the log entries.

• • Export All to CSV—export the query result

  • Page—jumps to the page that you specify.

  • Each log entry includes the following data:

  • • Date/Time—date and time the threat mitigation event occurred

    • IP Address—IP address of the endpoint

    • Host Name—host name of the endpoint

    • Threat Event—event type

    • Mitigation Status—results of the mitigation attempt

See also:

About Logs

About Threat Mitigation

About Mitigation Status

Adding a Policy

Viewing the Threat Mitigation Log