Viewing Affected Hosts - Detection Details

Detection details about the event are displayed.

• Click View in Threat Connect to connect with Threat Connect, where you can search for current information about the threat.

• Click Download and then select Detected File to download a password protected ZIP archive containing the detected file.

• If a packet capture has been enabled and the detection matched a packet capture rule, click Download and then select PCAP File to download a password protected ZIP archive containing the pcap file.

  In the pcap file, the comment "Detected Packet" in the "pkt_comment" field marks the packet that triggered the detection.

• Click Download and then select All to download a password protected ZIP archive containing the detected file, the packet capture file, and the connection details.

• Click View Virtual Analyzer Report to view the Virtual Analyzer report.

• Click Download and then select Virtual Analyzer Report to download the Virtual Analyzer report.

• Click Download and then select Investigation Package to download a password protected ZIP archive containing the investigation package.

• Click Download and then select Detected File to download a password protected ZIP archive containing the detected file.

• Click Download and then select All to download a password protected ZIP archive containing the detected file, the Virtual Analyzer report, and the investigation package.