Downloading Forensics Reports

The Forensic Report shows a comprehensive analysis of the entire sequence of an attack, as analyzed by the Forensics software blade in Harmony Endpoint.

It provides information about attacks and suspicious behavior. The report includes:

• Entry Point - How did the suspicious file enter your system?

• Business Impact - Which files were affected and what was done to them?

• Remediation - Which files were treated and what is their status?

• Suspicious Activity - What unusual behavior occurred that is a result of the attack?

• Incident Details - A complete visual picture of the paths of the attack in your system.

To download the forensics report of an event:

1. Go to Logs and from the New Tab Catalog, select Logs.

2. Expand the Statistics pane and in the Blade section, select Forensics. For more information, see Harmony Endpoint Logs .

   

   Note - To search the Forensics event using the machine name, enter the machine name in the search field and click Enter.

3. From the list, double-click the event for which you want to download the report.

   The Card window with the log details appears.

4. Scroll-down to Forensics Report section and click Download the Forensics Report.

   

   Note - To view the Forensics Report without downloading, click Open the Forensics Report.

   The report file is downloaded to the computer in the JSON format.