ESET Online Help

Search English
Select the topic


Lists all detections by ESET Cloud Office Security. Use the tabs to switch between Gmail, Google Drive, Exchange Online, OneDrive, Team groups, and SharePoint sites. View information on each detection, for example, detected files that were uploaded to a Team group in the Team groups tab.

Click the icon_expand_b_tiny icon to open a sidebar with a summary of a specific log record (detection). For more detailed information, click the icon_contextmenu_b_tiny icon and select Show details.

Navigate within the tree to see detections only for a specific tenant or group. To see all detections in every tenant and group, click All. To make searching for a specific detection easier, you can filter using multiple criteria. Click Add filter and select the filter type from the drop-down menu or type a string (repeat when combining criteria):

Add filter


Occurred from

Specify a "date from" range.

Occurred to

Specify a "date to" range.


Applies to messages which contain or do not contain a specific string (or a regular expression) in the subject.


Filter email messages by unique Message-ID when searching for a specific message, especially in large logs with many messages or multiple delivery attempts.


Filter messages by a specific sender.


Filter messages by recipients.


Applies to messages located in a specific mailbox.

Scan result

Select one of the following options: Malware, icon_edtd Malware (detected by ESET LiveGuard Advanced), Phishing or Spam.


Select one of the available actions.


Type the valid team name.


Type the valid site name.


Type a valid object name.


Type a valid detection name.


Type a valid detection hash.

When you click the icon_contextmenu_b_tiny icon, an option Remove whitelisted will be available if you have whitelisted a file previously by releasing it from Quarantine for the same user. Use this option to remove a file from the whitelist. All such future files will be quarantined.


The retention period for detections is 90 days. Records older than 90 days will be removed permanently.

Report false positive (FP) / false negative (FN)

You can manually report FP and FN detections for Spam, Phishing, or Malware by sending a sample to ESET labs for analysis. Email addresses to send the samples to:

Spam - send an email to for emails incorrectly marked as spam or to for undetected spam with the original message as an attachment in .eml or .msg format.

Phishing - to report false positive or negative phishing classification, create a new email message to be sent to with 'phishing email' in the subject line and include the phishing email as an attachment in .eml or .msg format.

Malware - for false positive or negative classification of malware, create a new email message to be sent to with 'False positive' or 'Suspected infection' in the subject line and include the file(s) compressed into a .zip or .rar format as an attachment.