cancel
Showing results for 
Search instead for 
Did you mean: 
suryaprakash
Level 7

Report on Malware attack

I am planning to build one report which tells me what type of malware [ ransomware, Trojan horses, e.t.c, ] was blocked and country from which attack happened.

is there any predefined report for that or can anyone tell me how to build one?

0 Kudos
3 Replies
narewa
Level 7

Re: Report on Malware attack

Hi

I created one for WannaCry and Petya

1. Querirs -> Events -> Threat Events -> Labels are: Threat Naem

2. Columns you can choose what you need

3 Filter

     Wanna.PNG

In this example I used this query to detect WannaCry,

You can also create queries for ExtraDat compliancy etc

0 Kudos
suryaprakash
Level 7

Re: Report on Malware attack

Hi Narewa,

Thank you for update, if would be great if u tell me how to create queries.

0 Kudos
narewa
Level 7

Re: Report on Malware attack

Hi

To create queries

From EPO got to Reporting->Queries and Reports->New Query->Events->Threat Events

0 Kudos