Adaptive Threat Protection Events page

Quickly see recent and past events for systems (devices), files, rules, and certificates.

Table 1: Option definitions
Option Definition
Select Event View Choose:
  • Enforcement Events — Show events that are detected and enforced per the module policies.
  • Observation Events — Show events, such as Would Block, for detections and the actions that would be taken if the module policies were enforced.

To see details, click the event. For example, click the Events by File graph to show file event details.

Select Pivot Point Choose to view event details:
  • Pivot by Certificate — View event details by certificate.
  • Pivot by File Hash — View event details by file hash.
  • Pivot by Rule — View event details by rule.
  • Pivot by System — View event details by system.

To sort the information in the table by a specific column, click the column heading.

To see details about an item, such as when the event occurred and action taken, click the item.