Sorting data in tables and reports



Hello. You have arrived at an outdated topic. Please click this link to be redirected to the updated Endpoint Protection Admin Guide.

You can sort, hide, and show data in tables and reports, as follows:

  • Quick sort on a column: Click the desired column head to sort by that subject. For example, if you want to sort data by policy name, you would click the Policy column header.
  • Change the ascending or descending order: Click at the end of a column header to display the drop-down arrow, then click the arrow to open the menu. Select either Sort Ascending or Sort Descending to change the order of data points in a column.
  • Show or hide columns: Click at the end of a column header to display the drop-down arrow, then click the arrow to open the menu. Select a box (check) to show a column. Deselect a box (uncheck) to hide a column.



The following table describes subject data that may appear in Endpoint Protection tables and reports. The data that appears depends on the type of table or report displayed.

Data points in tables and reports
Agent Language The language selected when SecureAnywhere was installed:
en = English
ja = Japanese
es = Spanish
fr = French
de = German
it = Italian
nl = Dutch
ko = Korean
zh-cn = Simplified Chinese
pt = Brazilian Portuguese
ru = Russian
tr = Turkish
zh-tw = Traditional Chinese
Agent Version The version of the SecureAnywhere software installed on the endpoint.
All Endpoints More information about the endpoints where a file was detected and blocked.
All Versions More information about the SecureAnywhere versions where a file was detected and blocked.
Approx Scan Time The duration of a scan in minutes and seconds.
Area A flag for the country where the endpoint is located.
Cloud Determination

The Webroot classification of the file, which can be Good, Bad, or Undetermined.

If you hover over the classification, the system displays information on how this classification was  reached.

Days Infected The number of days the endpoint remained infected.
Device MID A Machine ID value that identifies the hardware for an endpoint. Webroot uses an algorithm to determine this value.
Dwell Time

The time the threat has been present on the device. It is calculated from the first time the file is active to when the file was last seen.

For more information, see About Dwell Time.

Endpoints Affected The number of endpoints with a detected file.
File Size The size of the file in bytes.
Filename The filename of the detected threat.
First Infected The date and time a threat was detected.
First Seen The date and time this endpoint first checked into the Management Portal.
Group The group assigned to the endpoint.
Hostname The machine name of the endpoint.
Instance MID A value that identifies the Windows operating system SID (Security Identifier). Webroot uses an algorithm to determine this value.
IP Address The IP address of the endpoint.
Keycode The license used to install SecureAnywhere on the endpoint.
Last Infected The date and time the endpoint reported an infection.
Last Scan Time The time of the last scan on this endpoint.
Last Seen The date and time this endpoint last checked into the Management Portal.
Malware Group The classification of the malware; for example: Trojan or System Monitor.
MD5 The Message-Digest algorithm 5 value, which acts like a fingerprint to uniquely identify a file.
OS The operating system of the endpoint.
Pathname The directory (folder) where the file was detected.
Policy The policy assigned to the endpoint.
Product The name of the product associated with the file, if SecureAnywhere can determine that information.
Scan Type The type of scan: Deep Scan, Post Cleanup Scan, or Custom/Right-Click Scan.
Status The current status of the endpoint: Protected (no infections), Infected (malware detected), Not Seen Recently (has not reported into the portal), Expired (SecureAnywhere license has lapsed), or Infected & Expired.
System Pack The number of the service pack for the operating system.
System Type Either 32-bit or 64-bit.
Vendor The name of the vendor associated with the file, if SecureAnywhere can determine that information.
Version The version of the product associated with the file, if SecureAnywhere can determine that information.
VM Yes, if the endpoint is installed on a virtual machine.
Windows Full OS The name of the Windows operating system.