Search
Use search when looking for any object. Basic search allows you to search using pre-defined parameters. Advanced events search is fully customizable.
To conduct a Basic search: 1.Object Type—Select a category. 2.Related objects (optional)—Select to narrow down the search result. 3.Attributes—Select from the available attributes. 4.Type your query (value), press Enter, and click Search. Search by available attributes: •Rule Name—A rule's name. •Note—A note name in Detections, Executables and Processes. •Comment—A comment in Detection, Executables, Computers and Processes. •Description—The computer description, taken from ESET PROTECT. •Name—The computer, executable or process name. •IP Address—The computer IP address. •MAC Address—The computer MAC address. •Argument—An event argument, which can be a patch, filename, directory name or IP address. •SHA-1—The executable's SHA-1. •SHA-256—The executable's SHA-256. •MD5—The executable's MD5. •Version Info—The module version info (file description, internal filename, original filename, company name, file version or product version). •Signer—The executable signer. •Origins—The executable's origin. •Dropper SHA-1—The dropper's SHA-1. •Command Line—The process command line. |
Advanced Event Search allows you to define complex criteria to filter out events. Choose the object type: Computers, Executables or Events. Customize the expression according to your needs. Refer to the Rules Guide for details. |
The search result table refreshes automatically when the search is running. The search results view is based on the object type if it is a two-parameter search, and on the object type and related object type if it is a three-parameter search. Click a search result to take further action: •Details—Redirects you to the relevant section depending on the Object type. •Start—Start selected search results. •Pause—Pause selected search results. •Duplicate query—Duplicate selected search result. •Delete—Delete selected search results. •Rename—Rename the search result for better distinguish. •Tags—Tag the search. After choosing this option, a new tag edition window opens. In the Select field, type a new tag or select an already existing one. •Filter—Show quick filters on the column where you activated the context menu (Show only this, Hide this). |