Endpoint Manager

• Introduction To Comodo Client - Security For Linux
  • Special Features
  • System Requirements
  • Install Comodo Client - Security For Linux
  • Start CCS For Linux
  • Understand CCS Alerts
• The Summary Screen
• Antivirus Tasks - Introduction
  • Run A Scan
  • Update Virus Database
  • Scheduled Scans
  • Quarantined Items
  • Scan Profiles
  • Scanner Settings
    • Real Time Scan
    • Manual Scan
    • Scheduled Scan
    • Exclusions
• More Options - Introduction
  • Preferences
    • Language Settings
    • Log Settings
    • Connection Settings
    • Update Settings
    • External Device Control Settings
  • Manage My Configurations
    • Comodo Preset Configuration
    • Import / Export And Manage Personal Configurations
  • Diagnostics
  • View Antivirus Events
    • Log Viewer Module
      • Antivirus Logs
        • Filter Antivirus Logs
      • Device Control Logs
        • Filter Device Control Logs
      • Alerts Displayed Logs
        • Filter Alerts Displayed Logs
      • Tasks Launched Logs
        • Filter Tasks Launched Logs
      • Configuration Change Logs
        • Filter Configuration Change Logs
  • Browse Support Forums
  • Help
  • About
• Appendix 1 - CCS For Linux How To Tutorials
  • Scan Your Computer For Viruses
  • View Antivirus Events
  • Configure Database Updates
  • Quickly Set Up Security Levels
  • Change CCS Language Settings
  • Run An Instant Antivirus Scan On Selected Items
  • Create A Scheduled Scan
  • Restore Incorrectly Quarantined Item(s)
  • Switch Off Automatic Antivirus Updates
  • Control External Device Accessibility
• About Comodo Security Solutions

Filter 'Alerts Displayed' Logs

You can create custom views of all logged events according to the following criteria:

• Advice: Filter events by the path at which the malware was found

• Answer: Filter events according to the user's response. For example,'Skip once'.

• Answered: Filter events by specific dates

• Description: Filter events by malware name

• Flags: Not used

• Treat As: Not used

• Alert Type: Filter events by alert category. Currently, 'Antivirus' is the only category available.

Configure Event Filters

• Open Comodo Client Security

• Click 'More' > 'View Antivirus Events'

• Click the 'More' button to open the log viewer module

• Select 'Alerts Displayed' in the left-menu

• Right-click inside the log viewer module and select 'Advanced Filter'

OR

• Click 'View' on the menu bar and select 'Advanced Filter'

There are 5 types of filter. Each of these can be further refined by selecting or deselecting specific parameters.

• Select a filter criteria and click 'Add'

1. Advice: View logs that concern files at a specific path. You need to enter the path in the field provided:

• Select 'Contains' or 'Does Not Contain' option from the drop-down.

• Contains - Show only events which concern items at the location you specify. You can add multiple locations.

• Does Not Contain - Inverts your choice. Show all alerts except those about items in the location you specify.

2. Answer: Filter logs by the action taken by the user at the alert. You can then filter by a specific type of action. For example, show events where the threat was quarantined.

• Select 'Equal' or 'Not Equal' from the drop-down.
  

• Equal - Show only events which feature the action you select. You can select multiple actions.

• Not Equal - Inverts your choice. For example, select 'Not Equal' + 'Quarantine' to view every alert except those that where the threat was quarantined.

• Select the action you want to view:

• Unknown - Events where the user did not respond to the alert.

• Quarantine - Events where the user chose to place the threat in quarantine

• Skip Once - Events where the user chose to allow the threat.

• Add to Exclusions - Events where the user created an exception for the threat at the alert.

• Note – Other actions shown in the screen are not applicable.

3. Answered: Filter logs by date of the response. You need to enter the date in the field provided. You can then refine your filter with other parameters:

• Select any of the following options in the drop-down:

• Equal – Show only events that occurred on the specified date

• Greater than - Show only events that occurred later than the specified date

• Greater than or Equal – Show only events that occurred on, or after, the specified date

• Less than - Show only events that occurred before the specified date

• Less than or Equal – Show only events that occurred on, or before, the specified date

• Not Equal – Show events that occurred at any time except the specified date

4. Description: Filter logs by the name of the malicious item. You need to enter the name of the malware in the field provided:

• Select 'Contains' or 'Does Not Contain' from the drop-down:

• Contains – Show only those events which concern the malware named in the text field. You can add multiple malware names.

• Does Not Contain - Show only those events which did not involve the malware named in the text field.
  

5. Type: Filter events by alert category. Currently, 'Antivirus' is the only category available.

• Select 'Equal' or 'Not Equal' from the drop-down.

• Equal – Show only events which feature the alert type you select.
  

• Not Equal - Inverts your choice.