This section describes the search request history that is displayed on every threat search page.
Storing the search requests
When a search is performed using Kaspersky CyberTrace Web, information about it is stored in the history. The log file itself is not stored when a log file search is performed, only strings from the log file that contained detected indicators are stored; also, the file itself is not stored when a file hash search is performed.
For each authenticated user, the CyberTrace HTTP service stores the following amount of information:
Displaying the search request history
Every search page contains a form with the request history. The request history form contains requests of the corresponding search request type:
If you have signed in as an administrator, the search request history of all users is available; otherwise, only the current user's search request history is available.
The search requests are displayed from the last to the first. The active page contains up to 20 search requests. If there are more than 20 search requests available, you can display others by using the navigation controls.
You can specify the period during which the search requests to display were made:
Single indicator search request history
Single indicator search request history
The form with the history of single indicator search requests displays the following data:
It is Detected
if the indicator is detected one or more times, Not detected
if the indicator is not detected, or Canceled
if the search operation was canceled.
This information is displayed in the Status column.
yyyy-mm-dd HH:MM:SS
For example, 2012-12-31 23:58:25
.
This information is displayed in the Date column.
This information is displayed in the User column and can be seen only by administrators.
This information is displayed in the Search string column.
For a search operation that was not canceled, if you select an indicator, the full search result and the button for exporting the search result are displayed.
Log file search request history
Log file search request history
The form with the history of log file search requests displays the following data:
It is Detected
if indicators in the log file are detected one or more times, Not detected
if no indicator is detected, or Canceled
if the search operation was canceled.
This information is displayed in the Status column.
yyyy-mm-dd HH:MM:SS
For example, 2012-12-31 23:58:25
.
This information is displayed in the Date column.
This information is displayed in the User column and can be seen only by administrators.
This information is displayed in the Log file column.
For a search operation that was not canceled, if you select a row in the table, the full search result and the button for exporting the search result are displayed.
File hash search request history
File hash search request history
The form with the history of file hash search requests displays the following data:
It is Detected
if the file hash is detected one or more times, Not detected
if the file hash is not detected, or Canceled
if the search operation was canceled.
This information is displayed in the Status column.
yyyy-mm-dd HH:MM:SS
For example, 2012-12-31 23:58:25
.
This information is displayed in the Date column.
This information is displayed in the User column and can be seen only by administrators.
This information is displayed in the File column.
This information is displayed in the Checksum column.
For a search operation that was not canceled, selecting a file hash will display the full search result and the button for exporting the search result.
Page top