- Open Endpoint Manager > Click 'Security Sub-Systems' > 'Security Dashboards'
- The security dashboard is a list of all security-related events on managed Windows endpoints. The events in this interface are generated by the antivirus, containment and application-control modules.
- Example events you will see in the security dashboard are:
- When malware is blocked, quarantined or ignored
- When someone changes the trust rating of a file, or submits a false positive
- When a file is run in the container
- When files are added to, or removed from the client security file list
- The interface also lets you change the trust rating of a file, move files in or out of quarantine, and view file details and activity.
To view security events by device view
- Login to ITarian
- Click 'Applications' > 'Endpoint Manager'
- Click 'Security Sub-Systems' > 'Security Dashboards'
- Select the 'Device View' tab
This will show the security events by particular device
DATE TIME - shows the date and time of the event occured in the specific device
DEVICE NAME - name of the device
COMPONENTS - shows in which security component type the event occured
For example:We have four types of security components
- Application control
- Autoruns control
ACTION - shows what kind of action occured in the endpoint
For example: some actions are malware detected,quarantined,run virtually,file updated or deleted
LAST ACTION - shows what kind of action occured most recently
For example :some recent actions will be deleted from quarantine,malware deleted from file,run restricted,ignored
# OF FILES - number of files in the event
ADDITIONAL INFO - Shows the status of the action taken on the event.
For example: The types of action are