Scan logs

Lists all scan results by ESET Cloud Office Security. Logs are similar to Detections, but additionally, you can have clean objects included in the list (enable the Log all objects setting in policies). Switch between Gmail, Google Drive, Exchange Online, OneDrive, Team groups, SharePoint sites, and Submitted files using the tabs. You can see a substantial amount of information for each detection. Submitted files is a list of files sent to ESET LiveGuard Advanced for analysis.

Click the icon to open a sidebar with a summary of a specific log record. For more detailed information, click the three dots icon or right-click an item and select Show details.

Click the icon or right-click an item and select an action:

Action	Usage
Submit sample	The sample submission dialog enables you to send a suspicious malware file, spam or phishing to ESET for analysis. You can also report False positive malware, spam or phishing. Select a Reason for submitting a sample from the currently available options in the drop-down menu. The currently available options may differ depending on the item you are submitting for analysis. If you see a Block sender option (when submitting spam), you can choose to Block sender by email address, domain or IP and select your custom policy that will be modified to handle the sender blocking. If you do not have a custom policy, click Create new policy.
Quarantine email	The sample submission dialog enables you to send a suspicious malware file, spam or phishing to ESET labs for analysis. You can also report False positive malware, spam or phishing. Select a Reason for submitting a sample from the currently available options in the drop-down menu. The currently available options may differ depending on the item you are submitting for analysis. If you see a Block sender option (when submitting spam), you can choose Block sender by email address, domain or IP and select your custom policy that will be modified to handle the sender blocking. If you do not have a custom policy, click Create new policy.

Action

Usage

Submit sample

The sample submission dialog enables you to send a suspicious malware file, spam or phishing to ESET for analysis. You can also report False positive malware, spam or phishing. Select a Reason for submitting a sample from the currently available options in the drop-down menu. The currently available options may differ depending on the item you are submitting for analysis. If you see a Block sender option (when submitting spam), you can choose to Block sender by email address, domain or IP and select your custom policy that will be modified to handle the sender blocking. If you do not have a custom policy, click Create new policy.

Quarantine email

The sample submission dialog enables you to send a suspicious malware file, spam or phishing to ESET labs for analysis. You can also report False positive malware, spam or phishing. Select a Reason for submitting a sample from the currently available options in the drop-down menu. The currently available options may differ depending on the item you are submitting for analysis. If you see a Block sender option (when submitting spam), you can choose Block sender by email address, domain or IP and select your custom policy that will be modified to handle the sender blocking. If you do not have a custom policy, click Create new policy.

Navigate within the tree to see log records only for a specific tenant or group. To see all detections in every tenant and group, click All.

If a scan result is Not scanned, the reason may vary. See Limitations for details.

When you click the gear icon in the upper-right corner to access Export to CSV from the context menu, you can export the table grid to CSV format and use it in other applications to work with the list.

To make searching for a specific log record easier, you can filter using multiple criteria. Click Add filter and select the filter type from the drop-down menu or type a string (repeat when combining criteria):

Add filter	Usage
Occurred from	Specify a "date from" range.
Occurred to	Specify a "date to" range.
Data source	Select one of the following options: Exchange Online, OneDrive, Team group and SharePoint site.
Mailbox	Applies to messages located in a specific mailbox.
From	Filter messages by a specific sender.
To	Filter messages by recipients.
Subject	Applies to messages that do or do not contain a specific string in the subject.
Message-ID	Filter email messages by unique Message-ID when searching for a specific message, especially in large logs with many messages or multiple delivery attempts.
Scan result	Select one of the following options: Malware, Malware (detected by ESET LiveGuard Advanced), Phishing, Spam, Clean, Not scanned, Error, or Disabled.
Action	Select one of the available actions.
Drive	Filter files by Google Drive or OneDrive.
Owners	Type the valid owner name.
Object	Type a valid object name.
Detection	Type a valid detection name.
Hash	Type a valid detection hash.
Team	Type a valid team name.
Site	Type a valid site name.
Sender	Filter messages sent by a specific sender.
Antispam reason	Filter messages by a reason as marked by the antispam engine.

There is a 90-day retention period for log records. Records older than 90 days will be removed permanently. If you have a policy that uses Log all objects, retention for the log records with a Clean scan result is 3 days. Clean scan results older than 3 days will be removed permanently.

˄˅