IP address Information are not updated in SEP 12.1 Logs/Risk
We are using Sep 12.1 RU1 MP1 on a windows Architecture,
Today we have experienced an issue with one of the network virus come via OWA. And SEP client blocked the same successfully.
From the risk log I am not able to see the Source Computer Name / Source (Computer IP Source Computer IP‘s entry is 0.0.0.0).
Where I can get the full details? Where is the origination of the virus / attack?
SEP detected the virus as Trojan.Zbot.
Can anyone guide what can the possibilities to find the root of virus?