Solved

md5 from web


Good morning,
 
Is there a way to retrieve the MD5 from the web console?
 
Thanks, Alberto

Best answer by shorTcircuiT 8 June 2014, 04:39


2 replies

Userlevel 7
I assume you are wanting the MD5 of file(s) marked as malicious by WSA?
 
Again, I am new to the Endpoint, so hopefully someone like @ will drop by and reply as well. I have not been able to locate MD5s of suspicious files directly from within the Console, but I have set up an Alert that provides the information.
 
The alert emails me with any detection, and it is highly customizable.  Being that I am using a limited device trial keycode, I kept my own alert simple, yet it does identify the device (hostname), the suspect file, the malware type, and the MD5.
 
This is of course not quite real time or on demand, but I do get the email anytime a possible problem is detected.
Userlevel 7
Update. As noted, I am learning. I have found a way to locate the MD5 directly from the Console for files that have been flagged as malicious by WSA.
 
 
There are a couple ways of doing this.
 
1)
Log into the Console
Click Endpoint Protection
In the bottom part of the right side, under "Recently Infected Endpoints", locate the Endpoint in question
Click the VIEW link in the Blocked Programs column
In the Report window, click the Save icon at the upper right corner.
Choose to save to file or open to Excel (If installed)
 
2)
Log into the Console.
Click Endpoint Protection
Click Group Management tab
On the left panel, select the group the Endpoint in question is located in, or scroll down the listing of All Endpoints to locate.
On the top right panel, click the Endpoint in question
On the bottom right panel, locate the scan line with the infection report and click the VIEW link in the status column.
In the Report window, click the Save icon at the upper right corner.
Choose to save to file or open to Excel (If installed)
 
Solution 1 will give you ALL noted infections ever found on the Endpoint, including the MD5s.
Solution 2 will give you ONLY the most recently detected infections on the Endpoint, including the MD5s.
 
Again my apologies for not being quicker and finding the best answer.
 
David
 
