Detailed Application Control Violation Information

Provides specific information about Application Control violations on your network, such as the violated policy and rule name, and specific information about the endpoint and application.‚Äč

Table 1. Detailed Application Control Violation Information Data View

Data

Description

Received

The date and time Apex Central received the data from the managed product

Generated

The date and time the managed product generated the data

User Name

The logged on user name at the time of the event

Endpoint

The name of the endpoint

Action

The action taken by the managed product

File

The name of the file object or the program that executed the process

Process

The process executed by the file object

Policy

The name of the policy applied by the Apex Central or managed product console

Criteria

The name of the rule for application usage

Match Method

The method used to identify applications in the allow and block criteria

Pattern Version

The Certified Safe Software Pattern version

Hash Type

The type of hash algorithm used

Server

The display name of the managed product server in Apex Central to which the endpoint reports

Connection Status

The status of the connection between the endpoint and the managed product server

Endpoint IP Address

The IP address of the endpoint

Hash Value

The hash value of the file object

Certificate Signer

The issuer of the certificate

Command

The command issued

Process Owner

The user name of the account that issued the command