The Virus and Malware Event Alerts View

The Virus and Malware Event Alerts view on the Groups page provides a centralized view of all alerts generated by virus and malware scans performed on a selected group.

Feature

Function

Filters

Filters list of event alerts.

Toolbar

Manages event alerts and launches Virus and Malware Scan Wizard.

Group By row

Groups the list of event alerts.

Event Alerts list

Lists event alerts generated by virus scans.

The information and features enable you to:

Review current status: You can see the types of malware that have been detected and the endpoints that have been infected. This information will help you to determine how the infection originated and the best way to handle it.

Take remedial action: You can use Scan Now to launch the Virus and Malware Scan Wizard, configuring it to perform specific actions that will reduce the threat to the network. See Using the Virus and Malware Scan Wizard for more information.

Virus and Malware Event Alerts View Toolbar

The Virus and Malware Event Alerts toolbar on the Groups page enables you to perform functions on the group event alerts listed, and run an on-demand scan.

Button

Function

Scan Now

Opens the Virus and Malware Scan Wizard . This enables an administrator to react to incoming alerts with an immediate scan. When configured appropriately, this scan can eliminate the problem by cleaning or deleting the infected files. For more information on running these scans, see Using the Virus and Malware Scan Wizard.

Remove

Removes the selected event alert(s) from the list.

Export

Exports the event alerts list to a comma separated value (.csv) file.

Only event alerts from the previous 90 days are displayed. If there are a large number of event alerts and you no longer need to view all of them, you can use the Remove button to remove unwanted alerts from the list. This does not delete them from the database, however, so you can always view these removed alerts by generating an appropriate report.

Virus and Malware Event Alerts View List

The Virus and Malware Event Alerts view on the Groups page provides a comprehensive and constantly updated list of all event alerts generated by virus and malware scans performed on a selected group.

Column

Description

Virus/Malware Name

The name of the virus or malware detected. Each example links to the relevant entry in the Virus/Malware Details page.

Endpoint Name

The name of the endpoint where the virus or malware was detected.

Each example links to the relevant entry in the endpoint's Details page.

IP Address

The IP address of the endpoint where the virus or malware was detected.

Alert Source

The type of scan that generated the alert:

  • Real-time Monitoring Policy
  • Recurring Virus and Malware Scan
  • Scan Now

Status

The alert status:

  • (Cleaned)
  • (Deleted)
  • (Not Cleaned)
  • (Quarantined)

Both the Cleaned status and Deleted status use the same icon because in both cases the malicious code has been removed and no longer presents a danger.

Alert Message

The message related to the alert status:

  • Cleaned
  • Deleted
  • Not Cleaned
  • Quarantined

File Name

The name of the file in which the malware was detected.

File Path

The file path of the file in which the malware was detected.

Last Detected Date (Server)

The date and time the alert was generated (server time).

You can use the Group By row, available above the list, to sort list items into groups based on column headers. This feature (along with the filters above the toolbar) is useful when you need to examine a large number of event alerts.