Viewing a report on the results of an on-demand scan

To view a report on the results of an on-demand scan:

1. Select and open in the Management Console tree the node corresponding to the necessary SharePoint server. Then select the On-demand scan node.
2. In the workspace of the node in the Scan results section, you will see a list of prepared reports.
3. Select the report you need in the list and click the View button.

The report will be displayed in a new window of your browser.

Details of scan results

If you are viewing a report generated by Kaspersky Security 9.0 for SharePoint Server Maintenance Release 2, the fields in the report will be different from those described in this reference material.

All reports contain the following details of scan results:

• The report header includes the following data:
  • Report generation date.
  • Task name. A unique task name assigned by the user in the task settings.
  • Scan type. Scan type: complete or incremental.

    A type of file scan. During an incremental scan, the application searches for data on SharePoint servers, only scanning files that have been modified since the previous scan.

    A type of file scan. When performing a full scan, the application searches for data from the specified categories in all files stored on SharePoint servers.

  • Start method. Whether the task is run manually or automatically, according to a schedule
  • Information about application components that performed the scan (for example, Content filtering, Anti-Virus scan, Scanning SharePoint web objects).
  • Status. A task completion result summary generated based on the task status for each SharePoint server:
    • Completed successfully;
    • Error;
    • Error caused by license restrictions;
    • Stopped by the user;
    • Task timed out.
• Task servers. A table containing statuses used to perform on-demand scans on each of the SharePoint servers.
  • Server name.
  • Task execution status on server. Possible values:
    • Completed successfully;
    • Error;
    • Error caused by license restrictions;
    • Stopped by the user;
    • Task timed out.
• Table of locations to scan. A table of paths to areas in the SharePoint structure entered by the user in the task settings.
  • Path. A list of paths to scanned areas in the SharePoint structure.
  • Excluded. A list of paths to areas of the SharePoint structure excluded manually by the user in the task settings (for example, you can exclude a large area that does not require scanning).
  • Included. A list of paths to areas in the SharePoint structure added manually by the user in the task settings (for example, you can add a small area requiring scanning that is a part of a larger area excluded from and does not require scanning).
• Subheader of the report for the SharePoint server.
  • Server name. SharePoint server on which the task was performed
  • Status. The task completion result may have the following values:
    • Completed successfully;
    • Error;
    • Error caused by license restrictions;
    • Stopped by the user;
    • Task timed out.
  • Scan results. General information about the results of task implementation.
    • Start. Local scan start time on the SharePoint server specified in the subheader.
    • Finish. Local scan end time on the SharePoint server specified in the subheader.
    • Processing errors. The number of files skipped by the application because of processing errors.
    • Scanned items. Total number of scanned files.
    • Virus threats found. The number of malicious objects detected (the number Anti-Virus component incidents).
    • Content filtering component positives. The number of Content Filtration incidents logged whenever the application discovers unwanted content, type and format of such files, the detection of masks of unwanted file names, as well as Content Filtration incidents logged whenever the application discovers unwanted content in web-based objects.
• Table of positives. A table with information about all files found to contain malicious objects or violations of Content filtering rules. If the scan has not detected any virus threats or violations of content filtering rules, the File scan detected no incidents message is displayed instead of the table of positives.
  • File name. The name and path to the file where malicious objects or violations of content filtering rules have been found.
  • Version. File version on the SharePoint server.
  • Action. Operation performed on the file based on the scan results in accordance with the defined settings.
  • Anti-Virus scan. Status assigned to the file by the anti-virus scanning component. This column displays the Corrupted or Password-protected status label for corrupted or password-protected files. For infected or probably infected files, the column displays the name of the malicious object detected in the file.
  • Content filtering. Status assigned to the file by the content filtering. Policies whose violation triggered the content filtering component.
  • Backup. Information about creation of a backup copy for the file in Backup.
  • Restored version. The version to be assigned to the restored file (if it can be disinfected).
  • Incident ID. The universal ID of the positive. The incident ID simplifies the search for information about the incident in the report, Backup, and file log. It is also displayed in the properties of a backup copy of the file in Backup and in notifications about violations of security policies during on-demand scanning.
• SharePoint web objects scan alarms. A table with the details of SharePoint web objects found to contain unwanted words or phrases. If no unwanted words or phrases have been detected during a scan of SharePoint web objects, the SharePoint web objects scan detected no incidents message is displayed instead of this table.
  • Name and version. Name and version of a SharePoint web object found to contain unwanted words or phrases included in Kaspersky Lab sections and user categories within the search scope configured in the Content filtering settings. The name consists of: <Site name> / <List name> / <Object ID>. The field contains n/a if the version information of the scanned SharePoint web object is unavailable.
  • Categorized as. List of SharePoint web object fields found to contain unwanted words or phrases, and categories to which the detected words and phrases belong.
  • Incident ID. The universal ID of the positive. You can use the incident ID to search for information about the incident in the report and log files.