View the History of a Verdict
Table of Contents
4.2 (EoS)
Expand all | Collapse all
-
- Set Up the Endpoint Infrastructure
- Activate Traps Licenses
-
- Endpoint Infrastructure Installation Considerations
- TLS/SSL Encryption for Traps Components
- Configure the MS-SQL Server Database
- Install the Endpoint Security Manager Server Software
- Install the Endpoint Security Manager Console Software
- Manage Proxy Communication with the Endpoint Security Manager
- Load Balance Traffic to ESM Servers
-
- Malware Protection Policy Best Practices
- Malware Protection Flow
- Manage Trusted Signers
-
- Remove an Endpoint from the Health Page
- Install an End-of-Life Traps Agent Version
-
-
- Traps Troubleshooting Resources
- Traps and Endpoint Security Manager Processes
- ESM Tech Support File
-
- Access Cytool
- View the Status of the Agent Using Cytool
- View Processes Currently Protected by Traps Using Cytool
- Manage Logging of Traps Components Using Cytool
- Restore a Quarantined File Using Cytool
- View Statistics for a Protected Process Using Cytool
- View Details About the Traps Local Analysis Module Using Cy...
- View Hash Details About a File Using Cytool
View the History of a Verdict
The verdict change history—available with
ESM 4.0 and later releases—helps you to identify the flow of changes
to a verdict and the source (module) of all applied verdicts. You
can view the verdict change history associated with each file hash
record on the Hash Control page.
For the ESM Console to
log the verdict change, Traps must have applied the verdict to one
or more agents. WildFire and Hash Control verdicts are listed in
the order they are applied and Local Analysis verdicts are listed
last.
- From the ESM Console, select PoliciesMalwareHash Control.
- Select the record for a hash. If necessary, Filter Hash Control Records to reduce the number of records the ESM Console displays.
- In the Previously Reported Verdicts section, review up to five of the most recent verdicts that were applied on an agent.
- To view details about the endpoints which have opened the file associated with the hash, select Agent List.