Viewing Spyware/Grayware Logs

The Security Agent generates logs after detecting spyware and grayware and then sends the logs to the server.

  1. Go to one of the following:
    • Logs > Agents > Security Risks

    • Agents > Agent Management

  2. In the agent tree, click the root domain icon () to include all agents or select specific domains or agents.
  3. Go to the Spyware/Grayware Log Criteria screen:
    • From the Security Risk Logs screen, click View Logs > Spyware/Grayware Logs.

    • From the Agent Management screen, click Logs > Spyware/Grayware Logs.

  4. Specify the log criteria and then click Display Logs.
  5. View logs. Logs contain the following information:




    The time the detection occurred


    The endpoint on which the detection occurred


    The name of the security threat

    Scan Type

    The scan that detected the threat


    The result of the action taken


    For more information on scan results, see Spyware/Grayware Scan Results.

    IP Address

    The IP address and port number of the source endpoint

    MAC Address

    The MAC address of the infected endpoint


    A link that displays the detailed analysis for the specific detection

  6. (Optional) Select any spyware/grayware detection you consider harmless and click Add to Approved List to exclude the program from further scanning.
  7. To save logs to a comma-separated value (CSV) file, click Export All to CSV. Open the file or save it to a specific location.

    The CSV file contains the following information:

    • All information in the logs

    • User name logged on to the endpoint at the time of detection