Working with Logs

PortalProtect provides comprehensive information about various scans. It saves this information to a database. You can query the database and obtain logs for analysis. For example, you can analyze Security Risk scan logs to view the most common viruses and scan actions and see which users are introducing viruses to the network.
You can use this information to reduce system vulnerabilities and review the effectiveness of your security policies; then, if necessary, adjust the policies accordingly. Additionally, you can export the log data in .csv format for further analysis or to share the information.
The following is a listing of the information contained within the various log types:
  • Security risk scan logs contain: Date & Time, Violator, Security Risk Name, Action, File Name, and Location. You can filter the Security risk scan logs for:
    • All
    • Detected virus/malware
    • Uncleanable virus/malware
    • Detected spyware/grayware
  • File blocking logs contain: Date & Time, Violator, Policy Name, Action, File Name, Triggered File Type/Name, and Location.
  • Content Filtering logs contain: Date & Time, Violator, Policy Name, Action, File name/Web Content Title, Triggered Keywords, and Location.
  • Data loss prevention logs contain: Date & Time, Violator, Policy Name, Action, File Name/Web Content Title, Template(s), and Location.
  • Web reputation logs contain: Date & Time, Violator, Risk Level, Web Content Title, Suspicious URL, Action, and Location.
  • Update logs contain: Date & Time and Description.
  • Scan events logs contain: Date & Time and Description.
  • Backup logs contain: Date & Time, Violator, Security Risk Name, File Name, Location, and Backup Path.
  • Unscannable files logs contain: Date & Time, Location, Violator, Reason, File Name, and Action.
  • Event tracking logs contain: Username, Event time, IP address, Event type, Source type, and Description.
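
The analysis described at the top of this topic (most common security risks, scan actions, and the users introducing them) can be run over an exported Security risk scan log. The following is an added example, not code from PortalProtect or its documentation; it assumes the .csv export has a header row named after the fields listed above, and the sample rows, user names, risk names, and Action values are constructed.

```python
import csv
import io
from collections import Counter

# Field names taken from the Security risk scan log description above.
# Assumption: the exported .csv uses these exact strings as its header row.
FIELDS = ("Date & Time", "Violator", "Security Risk Name",
          "Action", "File Name", "Location")

# Constructed sample export (not real product output).
SAMPLE_CSV = """\
Date & Time,Violator,Security Risk Name,Action,File Name,Location
2024-01-08 09:12:44,asmith,Sample_Risk_A,Quarantine,invoice.doc,/sites/finance/docs
2024-01-08 10:03:10,bjones,Sample_Risk_B,Clean,setup.exe,/sites/it/tools
2024-01-09 14:27:31,asmith,Sample_Risk_A,Quarantine,report.xls,/sites/finance/docs
2024-01-10 08:45:02,ASmith ,Sample_Risk_C,Pass,notes.pdf,/sites/hr/forms
2024-01-10 16:20:55,cdoe,Sample_Risk_A,Delete,macro.docm,/sites/sales/quotes
"""


def summarize(csv_text, top=3):
    """Count risks, scan actions and violators in an exported scan log."""
    # Strip a UTF-8 byte-order mark if the export tool wrote one.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    missing = [f for f in FIELDS if f not in (reader.fieldnames or [])]
    if missing:
        raise ValueError(f"export is missing columns: {missing}")

    risks, violators, actions = Counter(), Counter(), Counter()
    for row in reader:
        # Short rows yield None values; fold case and whitespace so one
        # account is not counted as several violators.
        user = (row["Violator"] or "").strip().lower()
        risk = (row["Security Risk Name"] or "").strip()
        if not user or not risk:
            continue  # skip blank or truncated rows
        risks[risk] += 1
        violators[user] += 1
        actions[(row["Action"] or "").strip()] += 1

    return {
        "top_risks": risks.most_common(top),
        "top_violators": violators.most_common(top),
        "actions": dict(actions),
        "repeat_violators": sorted(u for u, n in violators.items() if n > 1),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_CSV).items():
        print(f"{key}: {value}")
```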