
Administration Guide

Malware Log


Malware Log reports provide administrators with a detailed view of detected malware.

Details include Date, MD5 checksum, and File Type (such as portable executable, HTML, and so on). Detection Name is the unique name of the malware. Device Type is the source device from which the sample file came, e.g. Sniffer, ICAP, etc.

The Malware Log also shows the Confidence Level as a percentage, as well as a Risk verdict of High, Medium, Low or No Risk.

The Indicator displays icons if the detection has IOC detail. Feature Detection shows the detection feature type of the malware.

Threat Report has the following pages.

Accepted

Files accepted by FortiNDR parsers.

Processed

Both clean and malicious files processed by FortiNDR engines.

Detected

Malicious files processed by FortiNDR engines.

Double-click an entry to view a summary of the log entry.

Double-click a zip folder to view what is inside the folder.

Enable Showing Zip Container to view the extracted files in the page.

Advanced search

When you type keywords into the search field, it displays partial results. Click the plus sign (+) to include filterable columns in your search. The Search function only supports exact matches. Wildcards are not supported.

You can also filter the logs by clicking the filter icon in the column heading.
