Viewing Behavior Monitoring Logs Parent topic

Procedure

  1. Navigate to LogsNetworked Computer LogsSecurity Risks or Networked ComputersClient Management.
  2. In the client tree, click the root domain icon (icon_root-5.bmp) to include all clients or select specific domains or clients.
  3. Click LogsBehavior Monitoring Logs or View LogsBehavior Monitoring Logs.
  4. Specify the log criteria and then click Display Logs.
  5. View logs. Logs contain the following information:
    • Date/Time unauthorized process was detected
    • Computer where unauthorized process was detected
    • Computer’s domain
    • Violation, which is the event monitoring rule violated by the process
    • Action performed when violation was detected
    • Event, which is the type of object accessed by the program
    • Risk level of the unauthorized program
    • Program, which is the unauthorized program
    • Operation, which is the action performed by the unauthorized program
    • Target, which is the process that was accessed
  6. To save logs to a comma-separated value (CSV) file, click Export to CSV. Open the file or save it to a specific location.