Hello,
You would have to Export the Risk Logs.
Here are the steps:
SEPM > Reports > Change the Log Type: "Risk " > Select the Time range > Click on Advance Settings and Select the right options > Click " View Log " > Click on "Export"
About log types
http://www.symantec.com/docs/HOWTO27271
The Risk log contains information about risk events. Available information includes the event time, event actual action, user name, computer/domain, risk name/source, count, and file/path.
Secondly, You can take the following actions from this log:
-
Add Risk to Centralized Exceptions Policy
-
Add File to Centralized Exceptions Policy
-
Add Folder to Centralized Exceptions Policy
-
Add Extension to Centralized Exceptions Policy
-
Delete from Quarantine
Hope that helps!!