View synchronized suspicious objects to understand
your risk, find related detections, and assess the relative prevalence of the
suspicious object.
Procedure
- Go to .The Synchronized Suspicious Objects screen appears.
- Click the drop-down for detection type and then select one
of the following detection types:
-
All (default)
-
IP addresses
-
URLs
-
File SHA-1
-
Domains
-
- To run a search, type an IP address, domain, URL or SHA-1 hash value in the search text box, and then press ENTER or click the magnifying glass icon.
- (Optional) Click a number in the Network
Detections or Email Messages column to
drill-down to the Network Detections or
Email Messages screen with filters
applied.
Note
The Network Detections number only includes detections from Deep Discovery Inspector appliances. The Email Messages number only includes email messages from Deep Discovery Email Inspector appliances. - (Optional) To configure detections-related display
settings, hover over the Network Detections or
Email Messages icon in the column title and select
Display Settings.
- Select a time period.
- Select which appliances to include as data source,
and domains from which email messages should be displayed.
Note
The time period, data source, and monitored domain filters only affect the Detections numbers. - Click Apply.
- (Optional) Click on the column titles to sort the list of synchronized suspicious objects.