Generating the All Threats Seen Report

Hello. You have arrived at an outdated topic. Please click this link to be redirected to the updated Endpoint Protection Admin Guide.

To locate and manage detected threats, you can generate the All Threats Seen report. This report lists threats by filename, along with when and where SecureAnywhere detected them.

This report might show duplicate entries if the threats were detected multiple times or in multiple places. From here, you can create an override for a file or restore it from quarantine. You can modify the report data as follows:

  • View all detected threats within a selected policy or group, which is helpful if you need to narrow search results to a specific set of endpoints.
  • Drill down to see the threats detected within a date range, which is helpful if you want to narrow the search results to a specific time period.

To generate the All Threats Seen report:

  1. From the Endpoint Protection console, click the Reports tab.
  2. From the Report Type drop-down menu, select All Threats Seen.

  3. If needed, select a specific policy or group. If you do not select a policy or group, the report data shows all policies and groups, and, depending on our environment, may take a long time to generate.

  4. To enter a date range for the datam select the Select time period checkbox. This is an optional step.

  5. To include deactivated and hidden endpoints in the report, select the Include deactivated and hidden checkbox. This is an optional step.

  6. Click the Submit button.

    The report displays in the right panel. Each threat is listed by its filename, along with where and when SecureAnywhere detected and removed it.

  7. From this panel, you can do the following: 
    • Create Override — To bypass Endpoint Protection and designate the file as Good (allow the file to run) or Bad (detect and quarantine the file), from the Command bar, click Create override. For more information, see Applying Overrides to Files From Reports.
    • Restore From Quarantine — If the file is safe and you want to restore it to the original location on the endpoint, from the Command bar, click Restore from Quarantine.
  8. To show or hide additional data for the report, click a column header to display the drop-down menu, then select checkboxes to select, add, or remove columns. For more information about the descriptions of the data in the columns, see Sorting Data in Tables and Reports.
  9. To download a report spreadhseet, see Downloading Report Spreadsheets.