This widget displays the number of C&C callback attempts based on compromised
hosts or callback addresses. The widget can display data for only one information
type at a time.
Clicking the numbers in any table cells opens the C&C Callback Events
screen, which contains the following callback summary data:
|
Data
|
Description
|
|
Compromised Host
|
Affected host or email address
|
|
Callback Address
|
URL, IP address, or email address to which a compromised host attempts a callback
|
|
C&C Server Location
|
Region and country where the C&C server locates
|
|
Callback Attempts
|
Number of contacts made between callback addresses and compromised hosts
|
|
Latest Callback Address/Compromised Host
|
URL, IP address, or email address to which the last callback attempt was logged
|
|
Callback Addresses/Compromised Hosts (with numbers displayed in the columns)
|
Number of compromised hosts or callback addresses associated with the callback
attempts
|
|
Logged By
|
Name of the managed product that logged the event
|
Click the settings icon (
→ 
) to edit the following:
→ ) to edit the following:-
Title: Modify the title of the C&C Callback Events widget.
-
Scope: Click
and
select the parent servers that the widget uses as the source. -
C&C list source: Select Global Intelligence, Virtual Analyzer, or User-defined as the C&C list sources.
-
Items to display: Select the number of items to display on the widget.
Click Save to apply changes and exit.