ESET Online Help

Search
Select the category
Select the topic

Computers

ESET PROTECT On-Prem manages the environment structure of your computers and devices. The Computers table provides a detailed view of essential information about each machine, its status, the time of last communication, and the last event.

The view emphasizes severity and unresolved detections, enabling the security team to perform investigations focusing on computers with the highest detection rates, severities and frequencies. These computers may indicate an acute need for further investigation or false positives that you must resolve.

Preview panel

Click a computer name to display the preview panel on the right side. This panel contains important information about the selected computer. Some items are interactive.

Filtering, Tags and Table options

Use filters at the top of the screen to refine the displayed items. Tags are powerful when searching for a specific computer, detection, incident, executable or script. Click the gear gear_icon icon for table options to manage the main table.

 

The Computer details window includes:

icon_more_b Details

Click a computer to display comprehensive details.

icon_incidents_b Terminal

Allows advanced security professionals to remotely invoke PowerShell on an endpoint without breaking the end‐user's workflow (or alerting an attacker). PowerShell provides many options for detailed endpoint investigations and remediation without relying solely on ESET Inspect.

icon_detections_b Alerts

Shows potential connectivity issues to the ESET Inspect Server. These alerts are in ESET PROTECT On-Prem.

icon_detections_b Detections

Provides the main Detections for a selected computer. Select a detection to display Detection details and view the changes, including displaying the name of the triggering Rule with a link, Rule category name, Event link, Occurred time and date, triggering process link, Command line and information about the associated user.

icon_executables_b Executables

Shows the same options as the main Executables tab, except the list contains executables triggered on a specific computer.

icon_scripts_b Scripts

Displays the same options as the main Scripts tab, except the list contains scripts triggered on a specific computer.

icon_events_load_b Events

Shows the list of all events that occurred on this computer. To view events in the Raw events, right-click the event name and click Show in Process's Raw Events. To display event details, select an event to open Process details. A low-level event is something a process does, including writing a file, performing a DNS lookup and creating a registry entry. ESET Inspect analyses low-level events to find suspicious activities and report detections.

Click a computer to take further action:

Details

Go to the Computer details tab.

Details (Protect)

Go to the ESET PROTECT On-Prem Web Console.

Detections

Go to the Detections tab.

Executables

Go to the Executables tab.

Scripts

Go to the Scripts tab.

Events

Go to the Events tab.

Scan

Send the command to an Endpoint, starting an immediate computer scan (or use the Action button).

Network Isolation

Isolate the computer from the network (only connections between ESET Security products are available). You can also End isolation (available only for Windows endpoints; File Security from 7.2.12003.0).

Connect via Terminal

Go to the Terminal tab.

Power

Send a command to restart or shut down the computer.

Log Out

Log the current user out.

Send wake-up call

Send the Wake-Up command, forcing the computer to send all events since the last connection (or use the Action button).

Generate SysInspector log

Generate the SysInspector log, which you can review in the computer's details.

Tags

Assign tags to a computer from the existing list, or create new custom tags.

Audit log

Go to the Audit log tab.

Filter

Show quick filters on the column where you activated the context menu (Show only this, Hide this).

Incident

oCreate an incident report

oAdd to a current incident

oAdd to recent incident, which shows the last three incidents

oSelect incident to add to

Filter the computers by the following statutes:

alarm_severity_threat Threat

Threat severity detections are present.

alarm_severity_warning Warning

Warning severity detections are present.

alarm_severity_info Information

Informational severity detections are present.

executables_status_ok OK

No detections are found, or all are resolved.

executables_status_unmonitored Unmonitored

ESET Inspect Connector is not installed on this computer. ESET Inspect On-Prem can identify this computer because it is in an ESET PROTECT On-Prem Active Directory.