Views:
You can view a comprehensive report for each Predictive Machine Learning log detection by clicking the View link under the Details column.
The Log Details screen consists of two sections:
  • Top banner: Specific details related to this particular log detection
  • Bottom tab controls: Details related to the Predictive Machine Learning threat, including threat probability scores, file information, and other endpoints across your network that have the same detection
The following table discusses the information provided in the top banner.

Log Details - Top Banner

Section
Description
Detection time / Action
Indicates when this specific log detection occurred and the action that the agent took on the threat
File name
Indicates the name of the file that triggered the detection on the specified endpoint
Tip
Tip
Click Add to Exception List to quickly add the file hash value of the affected file to the global Predictive Machine Learning Exception list. View the entire exception list on the Predictive Machine Learning Settings screen.
For more information, see Configuring Predictive Machine Learning Settings.
Important
Important
The detected file name for this detection may not be the same as the file name detected on other agents. Predictive Machine Learning associates detections according to file hash values, not specific file names. View the Affected Endpoints tab to verify the file name on other endpoints.
Endpoint information
Displays the logged on user at the time of the detection, the endpoint name, and the IP address of the endpoint
Channel information
Displays the channel from which the threat originated and the folder location on the endpoint the threat transferred to
The following table discusses the information provided on the bottom tabs.

Log Details - Tab Information

Tab
Description
Threat Indicators
Provides the results of the Predictive Machine Learning analysis
  • Threat Probability: Indicates how closely the file/process matched the malware model
  • Probable Threat Type: Indicates the most likely type of threat contained in the file after Predictive Machine Learning compared the analysis to other known threats
  • Threat Identifiers: Provides a list a API functions used by the file/process that may be indicative of the detected threat type
    Important
    Important
    API function identification is only one factor in the determination of the threat type. Predictive Machine Learning uses many other file features and analysis methods to calculate the threat probability and probable threat type.
  • Similar Known Threats: Provides a list of known threat types that exhibit similar file/process features to the detection
File Details
Provides general details related the file properties and certificate information for this specific detection log
Affected Endpoints
Displays a list of other agents on your network with the same Predictive Machine Learning detection and provides specific details about the detections on the other agents