Filter 'Configuration Changes' Logs
- Click 'More' on the 'CAV' home screen
- Click 'View Logs' in the 'More' interface
- Click Other Logs > 'Configuration Changes' link in 'Log Viewer' interface.
- Comodo Antivirus for MAC allows you to create custom views of all logged events according to user defined criteria.
- From 'Configuration Changes' interface, you can chose the category of filter from a drop down box.
- Each of these categories can be further refined by either selecting or deselecting specific filter parameters or by the user typing a filter string in the field provided.
- Click ‘Advanced Filter’ drop-down when you have chosen the category upon which you wish to filter.
- You have 4 categories of filter that you can add.
- You can chose the category of filter from the 'Advanced Filter' drop-down.
- Each of these categories can be further refined by either selecting or deselecting specific filter parameters or by entering a filter string in the field provided.
- Following are the options available in the drop down menu:
i. Action: The 'Action' option allows you to filter the log entries based on the actions executed like change in options, addition of objects, strings and so on. Selecting the 'Action' option displays a drop-down box and a set of specific filter parameters that can be selected or deselected.
-
Select 'Equal' or 'Not Equal' option from the drop-down box. 'Not Equal' will invert your selected choice.
-
Now select the checkboxes of the specific filter parameters to refine your search. The parameters available are:
- Object Added
- Object Changed
- Object Removed
- Option Changed
- String Added
- String Removed
For example, if you choose Equal in the drop-down and select 'Object Added' checkbox, then, only the log entries with the value 'Object Added' in the 'Action' column will be displayed.
ii. Modifier: The 'Modifier' option allows you to filter the log entries based on the entity that is responsible for the configuration change. It can be the user or the response given to an alert. Selecting the 'Modifier' option displays a drop-down box and a set of specific filter parameters that can be selected or deselected.
-
Select 'Equal' or 'Not Equal' option from the drop-down box. 'Not Equal' will invert your selected choice.
-
Now select the checkboxes of the specific entities that has effected the change, to refine your search. The parameters available are:
- User
- Auto Learn
- Antivirus Alert
- Execution Alert
For example, if you have chosen Equal in the drop-down and selected 'User' checkbox, then, only the log entries related to the configuration changes effected by responses to 'User' will be displayed.
-
Name: The 'Name' option allows you to filter the log entries by entering the name of the parameter changed. Selecting the 'Name' option displays a drop-down field and text entry field.
-
Select 'Contains' or 'Does Not Contain' option from the drop-down menu.
-
Enter the name of the change, partly or fully as filter criteria in the text box.
For example, if you choose 'Contains' option from the drop-down and enter the phrase '/var/' in the text field, then only the log entries containing the /var/ in the name column will be displayed.
iv. Object: The 'Object' option enables you to filter the log entries related to the objects modified during the configuration change. Selecting the 'Object' option displays a drop down menu and the objects of CAV configuration, that can be selected or deselected.
-
Select 'Equal' or 'Not Equal' option from the drop down menu. 'Not Equal' will invert your selected choice.
-
Now select the check-boxes of the specific objects as filter parameters to refine your search. Use toggle to move forward/backward to to see all the parameters options.
For example, if you have chosen 'Equal' from the drop-down and selected 'Antivirus: Mode' checkbox, only the log entries related to the change of Antivirus mode will be displayed.
- You can add more filter types in the 'Advanced Filter' pane by clicking the button at the top right of the filter pane.
- You can also remove a filter type by clicking the button at the top right of the filter pane.
- The filters to be applied to the
Antivirus log viewer. Only those entries selected based on your set
filter criteria will be displayed in the log viewer.