The Security Agent generates logs after detecting spyware and grayware and then sends the logs to the server.
-
Go to one of the following:
-
Logs > Agents > Security Risks
-
Agents > Agent Management
-
-
In the agent tree, click the root domain icon (
) to
include all agents or select specific domains or agents.
-
Go to the Spyware/Grayware Log Criteria
screen:
-
From the Security Risk Logs screen, click View Logs > Spyware/Grayware Logs.
-
From the Agent Management screen, click Logs > Spyware/Grayware Logs.
-
- Specify the log criteria and then click Display Logs.
-
View logs. Logs contain the following information:
Item
Description
Date/Time
The time the detection occurred
Endpoint
The endpoint on which the detection occurred
Spyware/Grayware
The name of the security threat
Scan Type
The scan that detected the threat
Result
The result of the action taken
Note:For more information on scan results, see Spyware/Grayware Scan Results.
IP Address
The IP address and port number of the source endpoint
MAC Address
The MAC address of the infected endpoint
Details
A link that displays the detailed analysis for the specific detection
- (Optional) Select any spyware/grayware detection you consider harmless and click Add to Approved List to exclude the program from further scanning.
-
To save logs to a comma-separated value (CSV) file, click
Export All to CSV. Open the file or save it to a
specific location.
The CSV file contains the following information:
-
All information in the logs
-
User name logged on to the endpoint at the time of detection
-