Environment
• Endpoint Standard: All versions
Question
After an endpoint is fully scanned by the background scanner, is there anywhere a report is generated within the console to review suspect and/or malicious detections?
Answer
The results of background scans are available as events within the Investigate page, with Alerts generated if malicious files are found.
- To quickly find if a sensor has seen malware on a machine, search the Investigate page with the following query:
file_scan_result:*
Additional Notes
There isn't anywhere within the console that will reflect the exact files scanned and their reputations, but the sensor will report any potentially malicious files found to the console.
Related Content