cancel
Showing results for 
Search instead for 
Did you mean: 

Log Analysis

Jump to solution

Good Day,

I am exporting the THREAT logs from epo console for analysing purpose. while analysing the threat logs, there I could find the field called Device action.

On Device Action field I could see many events like None,Deleted,Would deny, would deny terminate,blocked. Kindly let me know , what device action field exactly explains.

Apart from None,Deleted,blocked,would deny terminate, blocked. Is there any other events will occur ? 

Thanks in Advance.

0 Kudos
1 Solution

Accepted Solutions
tao
Level 13

Re: Log Analysis

Jump to solution

VSE can be configured to perform any of the following steps, when a threat is found - None,Deleted,Would deny, would deny terminate,blocked. So, the threat log would be logging of those pre-configured VSE responses.

0 Kudos
5 Replies
tao
Level 13

Re: Log Analysis

Jump to solution

VSE can be configured to perform any of the following steps, when a threat is found - None,Deleted,Would deny, would deny terminate,blocked. So, the threat log would be logging of those pre-configured VSE responses.

0 Kudos

Re: Log Analysis

Jump to solution

Thanks for your response tao 

Is there any sources  available to know the  meaning of   None,Deleted,Would deny, would deny terminate,blocked etc.

0 Kudos
tao
Level 13

Re: Log Analysis

Jump to solution

This may help:

0 Kudos

Re: Log Analysis

Jump to solution

Thanks for the document tao

0 Kudos
tao
Level 13

Re: Log Analysis

Jump to solution

If this has helped/answered then mark it - it will assist others in their forum search.

0 Kudos