Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 9385 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

On-Access Scan Type in Database??

TN_Vol

This may have been discussed, but I couldn’’’’t find an answer.  I need to determine when an AV alert is kicked off by an on-access scan or a scheduled scan.   Is there a table/column I can look at to verify what type of scan caught the malware?  Any help would be greatly appreciated!

:35373


This thread was automatically locked due to age.
Parents
  • 0

    Thanks for the reply. I saw the Enumerations table, but I’’’’m having trouble find where those values are used.  The Events table has a column labeled “Scantype”, but it does not appear to contain all the events caught on machines.  I ran a test where I scanned a file (right click) and it was not in the Events table, but I did find it in the ThreatInstancesAll view.  I could not find any link to the Enumerations table from this view.  Do you know of any documentation around this? 

    :35379
Reply
  • 0

    Thanks for the reply. I saw the Enumerations table, but I’’’’m having trouble find where those values are used.  The Events table has a column labeled “Scantype”, but it does not appear to contain all the events caught on machines.  I ran a test where I scanned a file (right click) and it was not in the Events table, but I did find it in the ThreatInstancesAll view.  I could not find any link to the Enumerations table from this view.  Do you know of any documentation around this? 

    :35379
Children
No Data