How to find events when a file is quarantined in ICDm
search cancel

How to find events when a file is quarantined in ICDm

book

Article ID: 274361

calendar_today

Updated On:

Products

Endpoint Security

Issue/Introduction

How to find events in Symantec Cloud ICDm portal that show when a file has been quarantined.

Environment

Symantec Endpoint Security Cloud Console (ICDm)

Resolution

  1. Navigate to the Investigate tab

  2. Copy and paste the following command:

    quick:Malware Protection AND quick:Security AND Event Type Id:8031-File Detection AND Disposition:12

  3. Select Run Query
Powered by Wolken Software