1. Are admin activities being recorded e.g. which document the admin has viewed or downloaded like "Download Resource" option under each sandbox task submitted to IntelliVM?

2.  What related details are recorded on CAS like URL, user, time, machine name etc?

3. How long are these logs/documents being kept for on CAS under Malware Analysis --> All tasks --> task --> Download Resource?

Release : 3.1.2.4

Component : Default-Sym

1. Are admin activities being recorded e.g. which document the admin has viewed or downloaded like "Download Resource" option under each sandbox task submitted to IntelliVM?

Activity of admin (or any other user) Downloading Resource from MA task is not recorded in any of the system log files.

2. What related details are recorded on CAS like URL, user, time, machine name,etc?

Task Summary shows the Owner of submitted task as the User. Hence if CAS admin has submitted the task the User would be shown as admin.

End user information will not be available as these tasks are always submitted to iVM via the CAS user account.

3. How long are these logs/documents being kept for on CAS under Malware Analysis --> All tasks --> task --> Download Resource?

Tasks and samples submitted under Malware analysis will remain unless they are manually deleted. These tasks are not overwritten or rotated.