This section describes the search request history that is displayed on every threat search page.
Storing the search requests
When a search is performed using Kaspersky CyberTrace Web, information about it is stored in the history. The log file itself is not stored when a log file search is performed, only strings from the log file that contained detected indicators are stored; also, the file itself is not stored when a file hash search is performed.
For each authenticated user, the CyberTrace HTTP service stores the following amount of information:
Displaying the search request history
Every search page contains a form with the request history. The request history form contains requests of the corresponding search request type:
If you have signed in as an administrator, the search request history of all users is available; otherwise, only the current user's search request history is available.
The search requests are displayed from the last to the first. The active page contains up to 20 search requests. If there are more than 20 search requests available, you can display others by using the navigation controls.
You can specify the period during which the search requests to display were made:
Single indicator search request history
The form with the history of single indicator search requests displays the following data:
It is Matched
if the indicator is detected one or more times, Not matched
if the indicator is not detected, or Canceled
if the search operation is canceled.
Mon DD, YYYY HH:MM
For example, Dec 31 2012 23:58
.
This field is displayed only for administrators.
For a search operation that was not canceled, if you select an indicator, the full search result and the button for exporting the search result are displayed.
Log file search request history
The form with the history of log file search requests displays the following data:
It is Matched
if indicators in the log file are detected one or more times, Not matched
if no indicator is detected, or Canceled
if the search operation is canceled.
Mon DD, YYYY HH:MM
For example, Dec 31 2012 23:58
.
This field is displayed only for administrators.
For a search operation that was not canceled, if you select a row in the table, the full search result and the button for exporting the search result are displayed.
File hash search request history
The form with the history of file hash search requests displays the following data:
It is Matched
if the file hash is detected one or more times, Not matched
if the file hash is not detected, or Canceled
if the search operation is canceled.
Mon DD, YYYY HH:MM
For example, Dec 31 2012 23:58
.
This field is displayed only for administrators.
For a search operation that was not canceled, if you select a file hash, the full search result and the button for exporting the search result are displayed.
Page top