Reference Guide
Security Management Server Virtual - AdminHelp v9.8
79
2. Search or select a Hostname, then the Endpoint Groups tab.
Endpoint Threat Events
This page lists information on threat events for the selected endpoint.
1. In the left pane, click Populations > Endpoints > Workstation.
2. Search or select a Hostname, then the Threat Events tab.
Threat Event Data
Severity - Severity of the threat, where Critical is the most dangerous threat to the endpoint, and
Information is just a notification of an event that is unlikely to harm the endpoint. (Critical, Major, Minor,
Warning, Information)
Category - Category of the threat. Upon identification, threats are sorted into these categories: Malware,
Web Filtering, Web Protection, and Firewall.
Event ID - Unique number assigned to each threat event.
Description - Description of the last preventative action taken to handle the threat.
User Name - The domain\user name associated with the endpoint where the threat was identified.
Received - Date/timestamp when the last action was taken to handle a threat.
Navigate the Threat Event Data
To sort the data, click a column header.
Use the controls at the bottom of the page to:
Advance to the top of the data.
Go back one page.
Go forward one page.
Advance to the end of the data.
Increase or reduce the items per page.
View the range of items currently displayed.
Refresh the data.
Endpoint Advanced Threats
This page allows you to view, export, quarantine, or waive unsafe files that trigger events on the selected
endpoint.
An event is not necessarily a threat. An event is generated when a recognized file or program is quarantined,
safe listed, or waived. Threats are a category of events that are newly detected as potentially unsafe files or
programs and require guided remediation.
1. In the left pane, click Populations > Endpoints.
2. Search or select a Hostname, then the Advanced Events tab.
List of Events