Applying overrides to files from reports
Hello. You have arrived at an outdated topic. Please click this link to be redirected to the updated Endpoint Protection Admin Guide.
From the Reports tab, you can apply an override to a file designated as a threat so it won't be detected and quarantined again in the future. You can add overrides from these reports:
- All Threats Seen.
All Undetermined Software Seen.
Endpoints with Threats on Last Scan, in the panel for Threats Seen on this Endpoint panel (individual endpoints only).
Endpoints with Undetermined Software on Last Scan, in the panel for All Undetermined Software Seen on this Endpoint (individual endpoints only).
To create an override from reports:
- Click the Reports tab and generate one of the reports listed above.
- Select the desired filename and click Create override from the command bar.
The following dialog opens:
- Open the Determination drop-down menu by clicking the arrow to the right of the field. Select one of the following:
- You can apply this override globally or to an individual policy, as follows:
- When you're done, click Save.
- If you want to test the file's detection, you can send the endpoint a Reverify all files and processes command (see Issuing commands to a group of endpoints).