Provides specific information about the virus/malware instances found in network traffic, such as the managed product that detects the viruses/malware, the protocol the virus/malware uses to enter your network, specific information about the source and destination of the virus/malware
Data |
Description |
---|---|
Received |
The date and time Apex Central received the data from the managed product |
Generated |
The date and time the managed product generated the data |
Product Entity/Endpoint |
Depending on the related source:
|
Product |
The name of the managed product or service Example: Apex One, ScanMail for Microsoft Exchange |
Virus/Malware |
The name of the security threat Example: NIMDA, BLASTER, I_LOVE_YOU.EXE |
Endpoint |
The IP address or name of the endpoint that the threat accessed |
Source Host |
The IP address or name of the endpoint from which the security threat originated |
User |
The logged on user name at the time of the event |
Traffic/Connection |
The direction of the transmission |
Protocol |
The protocol that the threat used to enter the network Example: HTTP, SMTP, FTP |
Endpoint Computer |
The IP address or name of the endpoint that the threat accessed |
Endpoint Port |
The IP port number that the threat accessed |
Endpoint MAC |
The MAC address that the threat accessed |
Source Computer |
The IP address or name of the endpoint from which the security threat originated |
Source Port |
The source IP address port number of the detected threat |
Source MAC |
The source MAC address of the detected threat |
File |
The name of the file object that the threat accessed |
Result |
The result of the action taken by the managed product Example: successful, further action required |
Action |
The action taken by the managed product Example: File cleaned, File quarantined, File deleted |
Detections |
The total number of detections Example: Apex One detects 10 virus instances of the same virus on one computer. Detections = 10 |
Cloud Service Vendor |
The name of the cloud service vendor |