Understanding Antivirus Event Logs
By default, ZoneAlarm software records all virus scans, virus definition updates, and virus detections in a log, and archives the logs once every 7 days. To change the logging settings, see Managing Alerts and Logs Settings.
To view logged Antivirus & Anti-spyware events:
In the main menu of the ZoneAlarm software client, click Tools > Logs.
The Alerts and Logs window opens and shows the Log Viewer.
From the Select log type drop-down menu, select Antivirus.
The log table shows Antivirus & Anti-spyware events with relevant information:
Type The type of event that occurred. Possible values are:
- Update - virus and spyware signature definitions update
- Scan - antivirus and anti-spyware scan
- Treatment - action done to an infected file
Date and Time Date and time of the event. Files Names and paths of the scanned and treated files. Possible values are:
- A full path name of the file that was infected, treated, or safe (in case of a manual scan of a safe file)
- Multiple Files - when multiple files were scanned
Status Possible values for the default actions are:
- Update Install Completed
- Update Canceled
- Update Failed
- Scan Completed
- Scan Canceled
- Scan Failed
- File Repaired
- File Repair Failed
- Treatment Failed
- Delete Failed
- Restore Failed
Invoke Type How the event occurred. Possible values are:
- Auto - through an automatic action
- Manual - through a manual action
Action Outcome Possible values are:
- Number of the files scanned and the number and the names of detected infections
- Version number - for updates
To control the view of the log entries:
From the Show Last drop-down menu, select the number of latest entries to view in the Log Viewer table:
- To delete all the entries - click Clear.
- To refresh the Anti-Virus log and to view the latest entries - click Refresh.
- Click OK, when finished.
All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19.
Refer to the Copyright page http://www.checkpoint.com/copyright.html for a list of our trademarks.
Refer to the Third Party copyright notices http://www.checkpoint.com/3rd_party_copyright.html for a list of relevant copyrights and third-party licenses.