Views:
The Security Agent generates logs when it detects viruses and malware and sends the logs to the server.

Procedure

  1. Go to one of the following:
    • LogsAgentsSecurity Risks
    • AgentsAgent Management
  2. In the agent tree, click the root domain icon (icon-root.jpg) to include all agents or select specific domains or agents.
  3. Go to the Virus/Malware Log Criteria screen:
    • From the Security Risk Logs screen, click View LogsVirus/Malware Logs.
    • From the Agent Management screen, click LogsVirus/Malware Logs.
  4. Specify the log criteria and then click Display Logs.
  5. View logs. Logs contain the following information:
    Item
    Description
    Date/Time
    The time the detection occurred
    Endpoint
    The endpoint on which the detection occurred
    Security Threat
    The name of the security threat
    Infection Channel
    The channel the threat originated from
    Infected File/Object
    The location of the file/object on the endpoint
    Scan Type
    The scan that detected the threat
    Result
    The result of the action taken
    Note
    Note
    For more information on scan results, see Virus/Malware Scan Results.
    IP Address
    The IP address and port number of the source endpoint
    MAC Address
    The MAC address of the infected endpoint
    Details
    A link that displays the detailed analysis for the specific detection
  6. To save logs to a comma-separated value (CSV) file, click Export All to CSV. Open the file or save it to a specific location.
    The CSV file contains the following information:
    • All information in the logs
    • User name logged on to the endpoint at the time of detection
Related information
Keywords: virus/malware logs