C&C Callback Events Widget

This widget displays the number of C&C callback attempts based on compromised hosts or callback addresses. The widget can display data for only one information type at a time. Clicking the numbers in any table cells opens the C&C Callback Events screen, which contains the following callback summary data:



Compromised Host

Affected host or email address

Callback Address

URL, IP address, or email address to which a compromised host attempts a callback

C&C Server Location

Region and country where the C&C server locates

Callback Attempts

Number of contacts made between callback addresses and compromised hosts

Latest Callback Address/Compromised Host

URL, IP address, or email address to which the last callback attempt was logged

Callback Addresses/Compromised Hosts (with numbers displayed in the columns)

Number of compromised hosts or callback addresses associated with the callback attempts

Logged By

Name of the managed product that logged the event

Click the settings icon ( > ) to edit the following:

  • Title: Modify the title of the C&C Callback Events widget.

  • Scope: Click and select the parent servers that the widget uses as the source.

  • C&C list source: Select Global Intelligence, Virtual Analyzer, or User-defined as the C&C list sources.

  • Items to display: Select the number of items to display on the widget.

Click Save to apply changes and exit.