Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

WHat does the action list mean by "Log Only"

AnithaPMay 23, 2017 05:24 AM

I see a couple of machines on which the file is quarantined and after 2-3 minutes showing as "Log only" ...

PraveenAyappanMay 23, 2017 05:59 AM

It means sep had tried to act on the same file twice and since it was quarantined in the first place ...

ℬrίαηMay 23, 2017 07:53 AM

Exactly what it says - it only logged instead of taking action. You need to manually remove.

1. WHat does the action list mean by "Log Only"

0 Recommend
AnithaP
Posted May 23, 2017 05:24 AM
| view attached

Reply Reply Privately
I see a couple of machines on which the file is quarantined and after 2-3 minutes showing as "Log only"

Does "Log only" mean... no action is taken? what to do for such cases?

How can we clear the qurantine , to prove that the files are cleared from the PC?

Attachment(s)

fadi2.xls 26 KB 1 version
2. RE: WHat does the action list mean by "Log Only"

0 Recommend
PraveenAyappan
Posted May 23, 2017 05:59 AM

Reply Reply Privately
It means sep had tried to act on the same file twice and since it was quarantined in the first place it didn't find the file the second time hence it's just logging the event and letting you know. Nothing to worry. But if you see only one entry of that file with log only it means sep didn't have the required permission to remediate the file or it was looked by other process and needs your manual intervention to remove the file from the machine.
3. RE: WHat does the action list mean by "Log Only"

0 Recommend
ℬrίαη
Posted May 23, 2017 07:53 AM

Reply Reply Privately
Exactly what it says - it only logged instead of taking action. You need to manually remove.

Copyright 2019. All rights reserved.

Powered by Higher Logic