Logs > Endpoint History
When Network VirusWall Enforcer matches a policy to an endpoint, it creates an endpoint history entry for the noncompliant endpoint. It also logs other policy violations by the same endpoint or changes to the status of the endpoint into the same entry. If you register the device to Control Manager, you can configure the time interval for sending endpoint history entries to the Control Manager server.
The options on this screen are briefly described below.
Search criteria—specify the criteria for querying log entries.
Endpoint status—select the status of the endpoints to query information on.
More search criteria—narrow down the query using additional criteria, including the IP address range of endpoints, specific endpoint host names or MAC addresses, and the particular service or enforcement criteria that have been violated.
Logs per page—select the number of logs to view per page. You can modify this after the results are displayed.
Search—click to query the log.
Query result—displays the result of the query and provides additional actions that you can perform in response to the log entries.
Quarantine—isolates selected endpoints by blocking network access.
Release—restores network access for selected endpoints.
Export All to CSV—export the query result.
Page—jumps to the page that you specify.
Each log entry includes the following data:
Date/Time—date and time the policy violation occurred.
Endpoint IP Address—IP address of the endpoint.
Endpoint Host Name—host name of the endpoint.
Endpoint MAC address—MAC address of the endpoint.
Service—violated enforcement criterion.
Quarantined—whether or not the endpoint has been isolated from the network.