bbahes 29 Posted May 4, 2019 Share Posted May 4, 2019 (edited) Hi! After deploying EES 7.1 to 50 clients we have one reporting (notification to e-mail for Malicious file detected (trojan / worm / virus / application) enabled in Notifications) "Malicious file JS/Adware.Agent.AF was detected on computer ..." However, I don't see threat reported in THREATS page in ESMC, but neither on client details > alerts page. We are using default policies and have only 3 that Append firewall rules: Is there something else we need to configure ? Edited May 4, 2019 by bbahes Link to comment Share on other sites More sharing options...
ESET Staff MartinK 375 Posted May 4, 2019 ESET Staff Share Posted May 4, 2019 Could you please double-check filters used to show threats of this device in console? Especially time interval and severity filter should be set in a way all threats are shown. It is possible that it has no "information" severity and thus possibly not shown in console by default. Could you also check "Filtered websites" tab in client logs? This one is collected by ESMC, but not shown in threats view (was integrated to future release). Link to comment Share on other sites More sharing options...
bbahes 29 Posted May 4, 2019 Author Share Posted May 4, 2019 25 minutes ago, MartinK said: Could you please double-check filters used to show threats of this device in console? Especially time interval and severity filter should be set in a way all threats are shown. It is possible that it has no "information" severity and thus possibly not shown in console by default. Could you also check "Filtered websites" tab in client logs? This one is collected by ESMC, but not shown in threats view (was integrated to future release). You are right! Default filter is to filter resolved threats. In this case, JS/AdWare.Agent.AF was resolved on client by connection termination so it did not show up in Threats page. Thanks @MartinK Link to comment Share on other sites More sharing options...
Recommended Posts