Scan logs

Lists all scan results by ESET Cloud Office Security. Logs are similar to Detections, but additionally, you can have clean objects included in the list (enable the Log all objects setting in policies). Switch between Exchange Online, OneDrive, Team groups, SharePoint sites, and Submitted files using the tabs. You can see a substantial amount of information for each detection. Submitted files is a list of files sent to ESET LiveGuard Advanced for analysis.

Click the icon_expand_b_tiny icon to open a sidebar with a summary of a specific log record. For more detailed information, click the three dots icon icon_contextmenu_b_tiny and select Show details.

Navigate within the tree to see log records only for a specific tenant or group. To see all detections in every tenant and group, click All.


note

If a scan result is Not scanned, the reason may vary. See Limitations for details.

When you click the gear icon gear in the upper-right corner to access Export to CSV from the context menu, you can export the table grid to CSV format and use it in other applications to work with the list.

To make searching for a specific log record easier, you can filter using multiple criteria. Click Add filter and select the filter type from the drop-down menu or type a string (repeat when combining criteria):

Occurred from

Specify a "date from" range.

Occurred to

Specify a "date to" range.

Data source

Select one of the following options: Exchange Online, OneDrive, Team group and SharePoint site.

Mailbox

Applies to messages located in a specific mailbox.

From

Filter messages by a specific sender.

To

Filter messages by recipients.

Subject

Applies to messages that do or do not contain a specific string in the subject.

Message-ID

Filter email messages by unique Message-ID when searching for a specific message, especially in large logs with many messages or multiple delivery attempts.

Scan result

Select one of the following options: Malware, icon_edtd Malware (detected by ESET LiveGuard Advanced), Phishing, Spam, Clean, Not scanned, Error, or Disabled.

Action

Select one of the available actions.

Owners

Type the valid owner name.

Object

Type a valid object name.

Detection

Type a valid detection name.

Hash

Type a valid detection hash.

Team

Type a valid team name.

Site

Type a valid site name.


note

There is a 90-day retention period for log records. Records older than 90 days will be removed permanently. If you have a policy that uses Log all objects, retention for the log records with a Clean scan result is 3 days. Clean scan results older than 3 days will be removed permanently.