Endpoint Manager

• Introduction To Comodo Client - Security For MAC
  • System Requirements
  • Install Comodo Client - Security For MAC
  • Start CCS
  • Understand CCS Alerts
• The Summary Screen
  • View Antivirus Events
• Antivirus Tasks - Introduction
  • Run A Scan
  • Update Virus Database
  • Quarantined Items
  • Scanner Settings
    • Real Time Scan
    • Manual Scan
    • Scheduled Scan
    • Exclusions
  • Scheduled Scans
  • Scan Profiles
• More Options - Introduction
  • Preferences
    • Language Settings
    • Log Settings
    • Update Settings
  • Manage My Configurations
    • Comodo Preset Configurations
    • Import / Export And Manage Personal Configurations
  • Diagnostics
  • Browse Support Forums
  • Help
  • About
  • View Logs
    • Antivirus Logs
      • Filter Antivirus Logs
    • Alerts Displayed Logs
      • Filter Alerts Displayed Logs
    • Tasks Launched Logs
      • Filter Tasks Launched Logs
    • Configuration Change Logs
      • Filter Configuration Change Logs
• Appendix 1 - CCS For Mac How To Tutorials
  • Scan Your Computer For Viruses
  • View Antivirus Events
  • Configure Database Updates
  • Quickly Set Up Security Levels
  • Change CCS Language Settings
  • Run An Instant Antivirus Scan On Selected Items
  • Create A Scheduled Scan
  • Restore Incorrectly Quarantined Items
  • Switch Off Automatic Antivirus Updates
  • Suppress Alerts With Silent Mode
• About Comodo Security Solutions

Filter 'Alerts Displayed' Logs

You can create custom views of all logged events according to the following criteria:

• Advice: Filter events by the path at which the malware was found

• Answer: Filter events according to the user's response. For example,'Skip once'.

• Answered: Filter events by specific dates

• Description: Filter events by malware name

• Treat As: Not used

• Type: Filter events by alert category. Possible categories are antivirus alerts and execution alerts. Execution alerts are coming in a future version of CCS.

Configure Event Filters

• Open Comodo Client Security

• Click 'More' > 'View Logs' > 'Other Logs' > 'Alerts Displayed'

• Right-click inside the log viewer module and choose 'Advanced Filter'

There are 6 types of filter. Each of these can be further refined by selecting or deselecting specific parameters.

 

• Advice: View logs that concern files at a specific path. You need to enter the path in the field provided:

• Select 'Contains' or 'Does Not Contain' option from the drop-down.

• Contains - Show only those events which concern items at the location you specify. You can add multiple locations.

• Does Not Contain - Show events which did not concern files at the locations you specify.

• Answer: Filter logs by the action taken by the user on the detected threat. You can then filter by a specific type of action. For example, to only show events where the threat was quarantined.

• Select 'Equal' or 'Not Equal' from the drop-down.

• Equal – Show only events which feature the action you select. You can select multiple actions.

• Not Equal - Inverts your choice. For example, select 'Not Equal' + 'Quarantine' to view every event except those that were quarantined.

• Select the specific actions you want to view from:

• Unknown – Events where the user did not respond to alerts

• Disinfect – Events where the user chose to run a disinfection routine on the malware

• Delete – Events where the user chose to clean (delete) the file

• Quarantine – Events where the user chose to place the malware files in quarantine

• Skip Once - Events where the user chose to ignore the alert once

• Add To Exclusions - Events where the user chose to include the files to exclusions list

• False Positive – Not used.

• Answered: Filter logs by date of the response. You need to enter the date in the field provided. You can then refine your filter with other parameters:

• Select any of the following option from the second drop-down:

• Equal – Show only events that occurred on the specified date

• Greater than - Show only events that occurred later than the specified date

• Greater than or Equal – Show only events that occurred later than or on the specified date

• Less than - Show only events that occurred before the specified date

• Less than or Equal – Show only events that occurred before than or on the specified date

• Not Equal – Show events that occurred on all dates except the specified date

• Description: Filter logs by the name of the malicious item. You need to enter the name of the malware in the field provided:

• Select 'Contains' or 'Does Not Contain' from the second drop-down:

• Contains – Show only those events which concern the malware named in the text field. You can add multiple malware names

• Does Not Contain - Show only those events which did not involve the malware named in the text field
  

• Type: Filter events by alert category. Possible categories are antivirus alerts and execution alerts. Execution alerts are coming in a future version of CCS.

• Select 'Equal' or 'Not Equal' from the second drop-down.

• Equal - Show only events which feature the alert type you select.

• Not Equal - Inverts your choice. For example, select 'Not Equal' + 'Execution Alert' to view all antivirus alert events.