Network protection logs
The ESET Endpoint Antivirus Network protection saves all important events in a log file. To view the log file, open the main program window > Setup > Network > Show logs.
The log files can be used to detect errors and reveal intrusions into your system. Network protection logs contain the following data:
- Date and time of the event
- Name of event
- Source
- Target network address
- Network communication protocol
- The rule applied, or name of a worm, if identified
- Application path and name
- Hash
- User
- Signer of the application (publisher)
- Package name
- Name of the service
A thorough analysis of this data can help detect attempts to compromise system security. Many other factors indicate potential security risks and enable you to minimize their impact: frequent connections from unknown locations, multiple attempts to establish connections, unknown applications communicating or unusual port numbers used.
Security vulnerability exploitation The message of security vulnerability exploitation is logged even if the specific vulnerability is already patched since the exploitation attempt is detected and blocked on the network level before actual exploitation can happen. |