With TRITON AP-WEB, when Advanced File Analysis is enabled on the Settings > Scanning > Scanning Options page, you can use the
Reporting > Advanced File Analysis report page to view specific information about the results of advanced file analysis. The report is designed to provide visibility into suspicious files accessed through your network and sent to either of the following for analysis:
Use the Customize option to add or remove columns from the table. In the window provided, check the box next to the column headings you want to include. Uncheck the box next to any column heading you want to remove.
Hash match means that the file hash (not the file) was actually sent for analysis and was found in the records of the analysis platform. The file is recognized and the Threat Level is known.
New analysis means we have don't have a record of having seen the file before so the entire file was sent for analysis. Analysis shows whether or not the file contains a threat.
Click Export to CSV to add the data to a file named excel.csv, by default. If the displayed data has been filtered, the same filter is used. All columns are included in the exported data, even if not previously selected for the report.
Click Refresh to update the displayed data to include information that was added to the log database files since the report was initially displayed.
Configure delegated administrator access to the Advanced File Analysis report using the Access investigative reports and
Report on all clients options in the Reporting Permissions section of the
Delegated Administration > Edit Roles page. The menu option Advanced File Analysis report will not be available to administrators whose role does not have both options selected.