sdnian 6 Posted November 30, 2015 Share Posted November 30, 2015 I saw the log files in EEA, there are some records in the "Filtered websites" page. But I can't find out where are these logs in ERA Web Console? Could someone figure it out, please? Thank you. Link to comment Share on other sites More sharing options...
ESET Moderators TomasP 318 Posted November 30, 2015 ESET Moderators Share Posted November 30, 2015 Hi, most logs are not transferred to ERA by default. Once you create a report which asks for these logs (and they have an appropriate severity set on the client), the Agent will start sending these so that the report can be generated. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted December 1, 2015 Administrators Share Posted December 1, 2015 We are already discussing this internally. This kind of logs is not transferred to ERA as the events are considered resolved once a connection has been terminated. However, I can think of several good reasons why transferring records about blocked connections to ERAS would be useful. Link to comment Share on other sites More sharing options...
HSW 9 Posted December 1, 2015 Share Posted December 1, 2015 (edited) This will be a good Feature! Yesterday i had a Client with have some Connection to malewaresites (https://loadm.exelator.com - the fund was a lucky punch and only coincidence). No warning by eset or our hardware firewall. I find with malewarebytes (https://de.malwarebytes.org/junkwareremovaltool/) Some Junkware and clear them (see log). Please add to the list of future improvements. @sdnian if you have the full eset security and not only the antivirus you can do this over webcontrol JRT.txt Edited December 1, 2015 by HSW Link to comment Share on other sites More sharing options...
sdnian 6 Posted December 1, 2015 Author Share Posted December 1, 2015 Hi.. HSW, thanks for your information. But I think we have different issue. It's not about what product that clients used, EEA or EES.. It is about we should have enough information to monitor what happened in every client. That's why we used ERAS. By the way.. This top post these logs, it is because the computer has been installed two Chrome extensions. Every time launch Chrome, EEA show several alert messages. But EEA doesn't detect any malware. If these logs don't send back to ERA Web Console, how can I find out this issue? Link to comment Share on other sites More sharing options...
HSW 9 Posted December 1, 2015 Share Posted December 1, 2015 Hi.. HSW, thanks for your information. But I think we have different issue. It's not about what product that clients used, EEA or EES.. It is about we should have enough information to monitor what happened in every client. That's why we used ERAS. By the way.. This top post these logs, it is because the computer has been installed two Chrome extensions. Every time launch Chrome, EEA show several alert messages. But EEA doesn't detect any malware. If these logs don't send back to ERA Web Console, how can I find out this issue? Thx for the info with Chrome, i will prove this. I know what you mean. You can see blocked sites on the server, when you activate webcontrol to the clients, then you see the logs for this. (but for activate webcontrol you need EES licences EEA is not enough) "Web access protection" what you mean, is not logging to the eras atm. You can only log to txt localy. Link to comment Share on other sites More sharing options...
Recommended Posts