Endpoint Protection

 View Only

  • 1.  Event ID's for virus/malware/threats/etc found? cleaned?

    Posted Oct 30, 2009 10:48 AM
    What are the event ID's in the log files (application or system?) when the program detects a threat?  What is the event ID's when it cleans something?


  • 2.  RE: Event ID's for virus/malware/threats/etc found? cleaned?
    Best Answer

    Posted Oct 30, 2009 12:32 PM

    Title: 'Symantec Endpoint Protection 11.x event log entries'
    Document ID: 2008080711443448
    > Web URL: http://service1.symantec.com/support/ent-security.nsf/docid/2008080711443448?Open&seg=ent

    Virus Found

    5

    GL_EVENT_INFECTION

    Occurs when scanning detects a virus.

    Detection Start

    46

    GL_EVENT_ANOMALY_START

    Occurs when a threat is found. This is the first of a series of steps describing the action taken.

    Detection Action

    47

    GL_EVENT_DETECTION_ACTION_TAKEN

    Describes an action taken when a threat is found.