Fortinet black logo

Administration Guide

File Scan Search

Copy Link
Copy Doc ID af12b5b0-1c45-11ea-9384-00505692583a:372967
Download PDF

File Scan Search

To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.

If the device is the primary (master) node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a worker (slave) node of a cluster, only jobs processed by this device are available to be searched.

The following options are available:

Refresh

Click the Refresh icon to refresh the entries displayed after applying search filters.

Search Field

Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search.

Time Period

Select a time period to apply to the search.

Export to Report

Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Customize

Click the Customize icon to customize the Job View settings page. Go to Job View Settings for more information.

Action

View Details

Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level.

Archived File

The icon displays that the file as an archived file.

FortiGuard Advanced Static Scan

The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan.

File Inside Archive

The icon displays that the file is a file extracted from an archive file.

Rescan Job

The icon displays that the job is Malicious from an AV Rescan or a customized rescan job of the Malicious file.

Video

Click on the Video button to play the video of the scan job. Scan videos are available in On Demand scans if user has the privilege.

Perform Rescan

Click the icon to rescan the entry. In the Rescan Configuration dialog box you can select to skip Static Scan, AV Scan, Cloud Query, and Sandboxing. Click OK to continue. Click the close icon or select the Close button to close the dialog box.

The rescan job can be found in File Input > File On-Demand page.

Pagination

Use the pagination options to browse entries displayed.

The following information is displayed:

Total Jobs

The number of jobs displayed and the total number of jobs.

The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. Go to Job View Settings for more information.

File Scan Search

To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.

If the device is the primary (master) node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a worker (slave) node of a cluster, only jobs processed by this device are available to be searched.

The following options are available:

Refresh

Click the Refresh icon to refresh the entries displayed after applying search filters.

Search Field

Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search.

Time Period

Select a time period to apply to the search.

Export to Report

Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Customize

Click the Customize icon to customize the Job View settings page. Go to Job View Settings for more information.

Action

View Details

Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level.

Archived File

The icon displays that the file as an archived file.

FortiGuard Advanced Static Scan

The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan.

File Inside Archive

The icon displays that the file is a file extracted from an archive file.

Rescan Job

The icon displays that the job is Malicious from an AV Rescan or a customized rescan job of the Malicious file.

Video

Click on the Video button to play the video of the scan job. Scan videos are available in On Demand scans if user has the privilege.

Perform Rescan

Click the icon to rescan the entry. In the Rescan Configuration dialog box you can select to skip Static Scan, AV Scan, Cloud Query, and Sandboxing. Click OK to continue. Click the close icon or select the Close button to close the dialog box.

The rescan job can be found in File Input > File On-Demand page.

Pagination

Use the pagination options to browse entries displayed.

The following information is displayed:

Total Jobs

The number of jobs displayed and the total number of jobs.

The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. Go to Job View Settings for more information.