Detections
Lists all detections by ESET Cloud Office Security. Use the tabs to switch between Gmail, Google Drive, Exchange Online, OneDrive, Team groups, and SharePoint sites. View information on each detection, for example, detected files that were uploaded to a Team group in the Team groups tab.
Click the icon to open a sidebar with a summary of a specific log record (detection). For more detailed information, click the
icon and select Show details.
Navigate within the tree to see detections only for a specific tenant or group. To see all detections in every tenant and group, click All. To make searching for a specific detection easier, you can filter using multiple criteria. Click Add filter and select the filter type from the drop-down menu or type a string (repeat when combining criteria):
Add filter |
Usage |
---|---|
Occurred from |
Specify a "date from" range. |
Occurred to |
Specify a "date to" range. |
Subject |
Applies to messages which contain or do not contain a specific string (or a regular expression) in the subject. |
Message-ID |
Filter email messages by unique Message-ID when searching for a specific message, especially in large logs with many messages or multiple delivery attempts. |
From |
Filter messages by a specific sender. |
To |
Filter messages by recipients. |
Mailbox |
Applies to messages located in a specific mailbox. |
Scan result |
Select one of the following options: Malware, |
Action |
Select one of the available actions. |
Team |
Type the valid team name. |
Site |
Type the valid site name. |
Object |
Type a valid object name. |
Detection |
Type a valid detection name. |
Hash |
Type a valid detection hash. |
When you click the icon, an option Remove whitelisted will be available if you have whitelisted a file previously by releasing it from Quarantine for the same user. Use this option to remove a file from the whitelist. All such future files will be quarantined.
The retention period for detections is 90 days. Records older than 90 days will be removed permanently. |
Report false positive (FP) / false negative (FN)
You can manually report FP and FN detections for Spam, Phishing, or Malware by sending a sample to ESET labs for analysis. Email addresses to send the samples to:
Spam - send an email to nospam_ecos@eset.com for emails incorrectly marked as spam or to spam_ecos@eset.com for undetected spam with the original message as an attachment in .eml or .msg format.
Phishing - to report false positive or negative phishing classification, create a new email message to be sent to samples@eset.com with 'phishing email' in the subject line and include the phishing email as an attachment in .eml or .msg format.
Malware - for false positive or negative classification of malware, create a new email message to be sent to samples@eset.com with 'False positive' or 'Suspected infection' in the subject line and include the file(s) compressed into a .zip or .rar format as an attachment.