rockshox 7 Posted January 25, 2019 Posted January 25, 2019 Where do I view computer scan logs in ESMC 7? In ERA 5 it was pretty simple, but I am unable to locate it in ESMC 7. Thanks
Administrators Marcos 5,451 Posted January 25, 2019 Administrators Posted January 25, 2019 Whole on-demand scan logs are not transferred to the ESMC server. However, if a threat has been detected it's logged with the warning or critical severity if cleaning failed and these records appear in the Threats pane in the ESMC console.
ESET Staff MichalJ 434 Posted January 25, 2019 ESET Staff Posted January 25, 2019 You can also use a filter for a particular "scan" which will show you all detected files that have occurred within one computer scan. When you select the scan you are interested in, you see the high level (needed data). For what purpose you would like to see the full scan log? What that has any value is missing?
bbahes 29 Posted January 25, 2019 Posted January 25, 2019 2 hours ago, Marcos said: Whole on-demand scan logs are not transferred to the ESMC server. However, if a threat has been detected it's logged with the warning or critical severity if cleaning failed and these records appear in the Threats pane in the ESMC console. @Marcos What method would you suggest for firewall logging in ESMC v7? For example, we install new application that needs to access various network resources. We don't get clear specification from vendor on ports, so we need to use various forms for network capture. What would be best method to get logs from client to ESMC for specific application network usage?
rockshox 7 Posted January 25, 2019 Author Posted January 25, 2019 I found that if I trigger a Scan from the ESMC console and then dig into the task, I can see the Execution Details from the Scan which is basically what I was looking for. I don't really need the full log, just the high level metadata, Just so I can see the scan actually ran, how many files were scanned and everything was clean. However, what triggered the question in the first place is the fact that we have a scheduled weekly scan that runs at the same time every week on all computers. Those scans seem to be invisible to ESMC. I can login to a client, check the "Computer Scan" logs and see the scan ran, how many files were scanned etc.., but I can't see that high level information in ESMC anywhere that I have been able to find for the scan we have setup in the Scheduler.
ESET Staff MichalJ 434 Posted January 28, 2019 ESET Staff Posted January 28, 2019 It should be reported in the report " Scans in last 30 days ". Even scans done by idle state scanner, or first scan should be there.
rockshox 7 Posted January 28, 2019 Author Posted January 28, 2019 MichalJ - Thank you for the info. I was able to find it in the reports as you suggested. MichalJ 1
Recommended Posts