Defense+ Logs
Comodo Internet Security records a history of all actions taken by Defense+. Defense+ 'Events' are generated and recorded for various reasons. Examples include changes in HIPS settings, when an application is auto-sandboxed by Behavior Blocker, when an application or process attempts to access restricted areas or when an action occurs that contravenes your HIPS Rulesets.
The Defense+ logs can be viewed by selecting ' Defense+ Events' tab from the 'Show' drop-down of the log viewer interface.
Alternatively, the Defense+ log screen can be accessed by clicking the number beside 'Blocked Intrusions' in the Advanced View of the Home screen in the Auto-Sandbox pane.
Column Descriptions
-
Date - Contains precise details of the date and time of the access attempt.
-
Application - Indicates which application or process propagated the event. If the application has no icon, the default system icon for executable files are used.
-
Flags - Indicates flags set for the kinds of actions against the event triggered by the file.
-
Target - Represents the location of the target file.
-
Alert - Gives the details of the alert displayed for the event
- To export the Defense+ logs as a HTML file click the 'Export' button or right click inside the log viewer and choose 'Export' from the context sensitive menu.
- To open a stored CIS log file, click the 'Open' button .
- To refresh the Defense+ logs, click the 'Refresh' button or right click inside the log viewer and choose 'Refresh' from the context sensitive menu.
- To clear the Defense+ logs click the 'Clear' button .