Manualshelf

Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian
131132133134135136137138139140
Navigate the Dell Server
116
Selecting this option logs any newly found scripts that have been blocked or have triggered an alert to
the Syslog server.
Syslog Script Control events contain the following properties:
Alert: The script is allowed to run. A script control event is sent to the Dell Server.
Block: The script is not allowed to run. A script control event is sent to the Dell Server.
Example Message of Script Control
Threats
Select this option to log any newly found threats or changes observed for any existing threat, to the Syslog
server. Changes include a threat being Removed, Quarantined, Waived, or Executed.
There are five types of Threat Events:
threat_found: A new threat has been found in an Unsafe status.
threat_removed: An existing threat has been Removed.
threat_quarantined: A new threat has been found in the Quarantine status.
threat_waived: A new threat has been found in the Waived status.
threat_changed: The behavior of an existing threat has changed (examples: Score, Quarantine
Status, Running Status).
Example Message of Threat Event:
Threat Classifications
Hundreds of threats are classified each day as either Malware or Potentially Unwanted Programs (PUPs). If
this option is selected, you subscribe to be notified when these events occur.
Example Message of Threat Classification:
Security Information and Event Management (SIEM)