Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

File Scan Search

To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.

If the device is the master node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a slave node of a cluster, only jobs processed by this device are available to be searched.

The following options are available:

Refresh

Click the Refresh icon to refresh the entries displayed after applying search filters.

Search Field

Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search.

Time Period

Select a time period to apply to the search.

Export to Report

Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Customize

Click the Customize icon to customize the Job View settings page. For more information, see Job View Settings.

Action

 

 

View Details

Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level.

 

Archived File

The icon displays that the file as an archived file.

 

FortiGuard Advanced Static Scan

The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan.

 

File Inside Archive

The icon displays that the file is a file extracted from an archive file.

 

Rescan Job

The icon displays that the job is Malicious from an AV Rescan or a rescan of the Malicious file.

 

Video

Click the Video button to play the video of the scan. Scan videos are available in On-Demand scans if the user has the privilege.

 

Perform Rescan

Click the icon to rescan the entry. In the Rescan Configuration dialog box, you can skip Static Scan, AV Scan, Cloud Query, and Sandboxing.

Click OK to continue. This feature is only available for files with a Malicious rating and the suspicious jobs detected by Static Scan, AV Scan, Cloud Query and the yara engine. The rescan job is in File Input > File On-Demand.

Pagination

Use the pagination options to browse entries displayed.

The following information is displayed:

Total Jobs

The number of jobs displayed and the total number of jobs.

The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. For more information, see Job View Settings.

File Scan Search

To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.

If the device is the master node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a slave node of a cluster, only jobs processed by this device are available to be searched.

The following options are available:

Refresh

Click the Refresh icon to refresh the entries displayed after applying search filters.

Search Field

Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search.

Time Period

Select a time period to apply to the search.

Export to Report

Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page.

Customize

Click the Customize icon to customize the Job View settings page. For more information, see Job View Settings.

Action

 

 

View Details

Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level.

 

Archived File

The icon displays that the file as an archived file.

 

FortiGuard Advanced Static Scan

The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan.

 

File Inside Archive

The icon displays that the file is a file extracted from an archive file.

 

Rescan Job

The icon displays that the job is Malicious from an AV Rescan or a rescan of the Malicious file.

 

Video

Click the Video button to play the video of the scan. Scan videos are available in On-Demand scans if the user has the privilege.

 

Perform Rescan

Click the icon to rescan the entry. In the Rescan Configuration dialog box, you can skip Static Scan, AV Scan, Cloud Query, and Sandboxing.

Click OK to continue. This feature is only available for files with a Malicious rating and the suspicious jobs detected by Static Scan, AV Scan, Cloud Query and the yara engine. The rescan job is in File Input > File On-Demand.

Pagination

Use the pagination options to browse entries displayed.

The following information is displayed:

Total Jobs

The number of jobs displayed and the total number of jobs.

The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. For more information, see Job View Settings.