Viewing Suspicious File Logs

The OfficeScan agent generates logs when it detects files in the Suspicious Files list and sends the logs to the server.

  1. Go to one of the following:
    • Logs > Agents > Security Risks

    • Agents > Agent Management
  2. In the agent tree, click the root domain icon () to include all agents or select specific domains or agents.
  3. Click Logs > Suspicious File Logs or View Logs > Suspicious File Logs.
  4. Specify the log criteria and then click Display Logs.
  5. View logs. Logs contain the following information:
    • Date and time of suspicious file detection

    • Endpoint

    • Domain

    • Infection source SHA-1 hash value of the file

    • Path of the file

    • Scan type that detected the suspicious file

    • Scan results

      Note:

      For more information on scan results, see Virus/Malware Scan Results.

    • IP address