Process Log

Process logging capabilities for Endpoint Protection enhance endpoint visibility for MSPs by exposing more endpoint event data and allowing for near real-time threat response.

In Reports, go to the Process Log tab to view a table with high-level information about endpoint events that were logged within a given timeframe.

To customize the processes shown in the Process Log table, you can:

• Click the Process Log drop-down list to filter for processes that either occurred for a specific Site or for all Sites.

• Use the calendar drop-down list to filter for processes that occurred within a specific date range.

• Click Filters to open the filter panel.

  • Expand each section to see available filters within each filter group.

  • A green circle with a number on the Filters button indicates the number of filters that are currently applied.

  • Select a file Determination.

  • To filter results for a specific Process Name, Process Path, or Username, type a partial or full value in the respective fields.

  • To filter results for a specific MD5 or SHA256 hash, type the full value in the respective fields.

  • Click Reset to manually clear any selections for a single filter group.

  • Click Reset Filters to clear all filters.

  • The filters that you apply will persist as you navigate to other pages within the Management Console until you manually reset them or log out.

To download the data found within the Process Log table as a .csv file, click Export. The exported report will only include the applied date range and filters.

You can also view detailed information about a specific process and create an override for it using process tree view. See Using process tree view for more information.