Provides specific information about application control
violations on your network, such as the violated Security Agent policy and
criteria
Detailed Application Control Violation Information Data View
|
Data
|
Description
|
|
Generated
|
The date and time the managed product generated the
data
|
|
Received
|
The date and time Apex Central received
the data from the managed product
|
|
User Name
|
The logged on user name at the time of the event
|
|
Endpoint
|
The name of the endpoint
|
|
Action
|
The action taken by the managed product
|
|
File
|
The name of the file object or the program that
executed the process
|
|
Process
|
The process executed by the file object
|
|
Policy
|
The name of the policy applied by the Apex Central or managed product
console
|
|
Criteria
|
The name of the rule for application usage
|
|
Match Method
|
The method used to identify applications in the allow and block
criteria
|
|
Version
|
The Certified Safe Software Pattern version
|
|
Hash Type
|
The type of hash algorithm used
|
|
Hash Value
|
The hash value of the file object
|
|
Certificate Signer
|
The issuer of the certificate
|
|
Server
|
The display name of the managed product
server in Apex Central
to which the endpoint reports
|
|
Connection Status
|
The status of the connection between the endpoint and the managed
product server
|
|
Endpoint IP Address
|
The IP address of the endpoint
|
|
Command
|
The command issued
|
|
Process Owner
|
The user name of the account that issued the command
|
|
Application
|
The name of the application to which the file object belongs
|
|
Matched File Path
|
The directory location of the file object
|
|
Detections
|
The total number of detections
|
|
File Last Modified
|
The date and time the file object was last modified
|