Use Reports to Evaluate Internet Activity > Advanced File Analysis report
|
|
The Time period for the report.
|
|
The Total number of incidents reported for that time period is provided.
|
|
Malicious to include files that analysis has found to be malicious.
|
|
Suspicious to include files found to have suspicious characteristics.
|
|
No threat detected to report on files in which analysis did not find any malicious or suspicious characteristics.
|
|
No analysis available to include files for which no results have been returned. Either these files are an unsupported file type, or an error occurred during the analysis.
|
|
Threat Level: an assessment of the level of threat (malicious, suspicious, or none) associated with a file.
|
|
Incident time: the date and time the file was sent for analysis.
|
|
User: the user name (or IP address) associated with the activity that prompted the file analysis.
|
|
Source: the IP address of the client machine in your network that sent or received the file.
|
|
Destination: the IP address of the recipient of the HTTP request.
|
|
URL: the URL from which the file is being downloaded or to which the file is being posted.
|
|
Analyzed by: the IP address of the Forcepoint Advanced Malware Detection data center (cloud-based) or cluster (on premises).
|
|
Platform: The platform that provided the file analysis (Cloud Service or On Premises).
|
|
Severity: the level of severity of the threat, on a scale of 1 to 10.
|
|
|
Protocol: the protocol used to transfer the file.
|
|
File Name: the name of the file sent for analysis.
|
|
File Hash: a SHA1 hash of the file sent for analysis.
|
|
File Size (KB): the total file size, in kilobytes.
|
|
File Type: the type of file sent for analysis. Types include PDF, Image, Executable, Document, and Web Page as well as others.
|
|
Content Gateway: the IP address of the Content Gateway machine that sent the file for analysis
|
Use Reports to Evaluate Internet Activity > Advanced File Analysis report
|