Viewing the table of objects that were placed in Storage
The table of objects placed in Storage is in the Storage section, Files subsection of the program web interface window.
The table of objects placed in Storage contains the following information:
Type—Location of the object in Storage.
The following types of objects are available:
– The object was placed in Storage in one of the following ways:
The Get file task was run.
A copy was received of an object that was quarantined on hosts with Kaspersky Endpoint Agent (in the Storage section, Quarantine subsection, Get file from quarantine action was selected in the menu for the link with the directory of the object).
– The object was placed in Storage in one of the following ways:
The Get forensics task was run.
The Get process memory dump task was run.
The Get registry key task was run.
The Get NTFS metafiles task was run.
– The object was manually downloaded by the user in the Storage section, Files subsection.
Object—Information about the object. For example, the file name or file path.
Scan results—Object scan result.
The scan result is displayed as one of the following values:
Not detected—As a result of a scan, the program did not detect signs of a targeted attack, probably infected objects, or suspicious activity.
Error—Object scan ended with an error.
In process—Object scan has not yet completed.
Not scanned—Object was not sent to be scanned.
Detected—As a result of a scan, the program detected signs of a targeted attack, a probably infected object, or suspicious activity.
Servers—Name of the Central Node, PCN, or SCN server. A host from which the object was received is connected to this server (displayed if you are using the distributed solution and multitenancy mode).
Operation mode in which Kaspersky Anti Targeted Attack Platform is used to protect the infrastructure of multiple organizations or branch offices of the same organization simultaneously.
Two-level hierarchy of servers with Central Node components installed. This hierarchy allocates a primary control server (Primary Central Node (PCN)) and secondary servers (Secondary Central Nodes (SCN)).
Source—IP address or name of the host from which the object was received, or the name of the user account that uploaded the object.
Record time—Date and time when the object was placed in Storage.
The right part of the object information row contains buttons:
You can click to delete the object from Storage.
You can click to send the object in Storage for scanning by the Anti-Malware Engine, YARA, and Sandbox technologies.
You can click to download the object from Storage to your computer.
Clicking the link with the file name or file path opens a list in which you can select one of the following actions: