On-Access Scan Type in Database??

This may have been discussed, but I couldn't find an answer. I need to determine when an AV alert is kicked off by an on-access scan or a scheduled scan. Is there a table/column I can look at to verify what type of scan caught the malware? Any help would be greatly appreciated!


This thread was automatically locked due to age.
  • Hi,

    Yes, if you're running SEC 5.0+ you also have the reporting interface installed into the database by default. One table of interest which was added by the reporting interface was the Enumerations table. In it you can see values such as:

    EnumID  EnumValue  Language  Position  Description
    4       200        en        5         Unknown
    4       201        en        2         On access
    4       203        en        3         On demand
    4       205        en        4         Scheduled
    4       206        en        1         In memory
    4       207        en        6         Web browser

    Some of the views added by the reporting interface may be what you need as they join on that as part of the view.

    More details on the SRI:

    /search?q= 8285

    Regards,

    Jak
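
An added example, not part of the original reply and not Sophos's own code: it shows how the Enumerations rows quoted above can be joined to alert records to label each alert with its scan type. The `alerts` table, its columns, the extra Enumerations rows and the in-memory SQLite database standing in for the SEC SQL Server database are all assumptions made for illustration.

```python
import sqlite3

# Enumerations rows for EnumID 4 are the ones quoted in the reply above.
# Everything marked "constructed" is sample data made up for this example.
ENUM_ROWS = [
    (4, 200, "en", 5, "Unknown"),
    (4, 201, "en", 2, "On access"),
    (4, 203, "en", 3, "On demand"),
    (4, 205, "en", 4, "Scheduled"),
    (4, 206, "en", 1, "In memory"),
    (4, 207, "en", 6, "Web browser"),
    (9, 201, "en", 1, "Unrelated enum"),  # constructed: same EnumValue, other EnumID
    (4, 201, "de", 2, "Bei Zugriff"),     # constructed: second language row
]
# Hypothetical alerts table: (alert_id, computer, threat_name, scan_type_code)
ALERT_ROWS = [
    (1, "WS-01", "EICAR-AV-Test", 201),
    (2, "WS-02", "EICAR-AV-Test", 205),
    (3, "WS-03", "EICAR-AV-Test", 203),
    (4, "WS-04", "EICAR-AV-Test", 204),   # constructed: code with no Enumerations row
]

QUERY = """
SELECT a.alert_id, a.computer, a.scan_type_code,
       COALESCE(e.Description, 'Unmapped') AS scan_type
FROM alerts AS a
LEFT JOIN Enumerations AS e
       ON e.EnumValue = a.scan_type_code
      AND e.EnumID = 4        -- the group of scan-type values shown in the reply
      AND e.Language = 'en'   -- avoid one output row per language
ORDER BY a.alert_id
"""

def scan_types():
    """Return (alert_id, computer, code, scan_type) for every alert."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Enumerations (EnumID INT, EnumValue INT, "
               "Language TEXT, Position INT, Description TEXT)")
    db.execute("CREATE TABLE alerts (alert_id INT, computer TEXT, "
               "threat_name TEXT, scan_type_code INT)")
    db.executemany("INSERT INTO Enumerations VALUES (?,?,?,?,?)", ENUM_ROWS)
    db.executemany("INSERT INTO alerts VALUES (?,?,?,?)", ALERT_ROWS)
    return db.execute(QUERY).fetchall()

if __name__ == "__main__":
    for row in scan_types():
        print(row)
```

Filtering on both EnumID and Language inside the join condition keeps the LEFT JOIN from duplicating alerts or dropping ones whose code has no matching row.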
