Jump to content

Filtered websites log

sdnian
 Share

Recommended Posts

sdnian

sdnian 6

Posted
Posted

I saw the log files in EEA, there are some records in the "Filtered websites" page. But I can't find out where are these logs in ERA Web Console? Could someone figure it out, please? Thank you.

 

post-990-0-20851200-1448844986_thumb.png

Link to comment
Share on other sites
  • ESET Moderators
TomasP

TomasP 316

Posted
  • ESET Moderators
Posted

Hi, most logs are not transferred to ERA by default.

Once you create a report which asks for these logs (and they have an appropriate severity set on the client), the Agent will start sending these so that the report can be generated.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

We are already discussing this internally. This kind of logs is not transferred to ERA as the events are considered resolved once a connection has been terminated. However, I can think of several good reasons why transferring records about blocked connections to ERAS would be useful.

Link to comment
Share on other sites
HSW

HSW 9

Posted
Posted (edited)

This will be a good Feature! Yesterday i had a Client with have some Connection to malewaresites (https://loadm.exelator.com - the fund was a lucky punch and only coincidence). No warning by eset or our hardware firewall. I find with malewarebytes (https://de.malwarebytes.org/junkwareremovaltool/) Some Junkware and clear them (see log). Please add to the list of future improvements.

 

@sdnian if you have the full eset security and not only the antivirus you can do this over webcontrol

 

post-7629-0-42850600-1448949577_thumb.jpg

JRT.txt

Edited by HSW
Link to comment
Share on other sites
sdnian

sdnian 6

Posted
  • Author
Posted

Hi.. HSW, thanks for your information. But I think we have different issue. It's not about what product that clients used, EEA or EES.. It is about we should have enough information to monitor what happened in every client. That's why we used ERAS.

 

By the way.. This top post these logs, it is because the computer has been installed two Chrome extensions. Every time launch Chrome, EEA show several alert messages. But EEA doesn't detect any malware. If these logs don't send back to ERA Web Console, how can I find out this issue?

Link to comment
Share on other sites
HSW

HSW 9

Posted
Posted

Hi.. HSW, thanks for your information. But I think we have different issue. It's not about what product that clients used, EEA or EES.. It is about we should have enough information to monitor what happened in every client. That's why we used ERAS.

 

By the way.. This top post these logs, it is because the computer has been installed two Chrome extensions. Every time launch Chrome, EEA show several alert messages. But EEA doesn't detect any malware. If these logs don't send back to ERA Web Console, how can I find out this issue?

 

Thx for the info with Chrome, i will prove this.

 

I know what you mean. You can see blocked sites on the server, when you activate webcontrol to the clients, then you see the logs for this. (but for activate webcontrol you need EES licences EEA is not enough)

 

"Web access protection" what you mean, is not logging to the eras atm. You can only log to txt localy.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...