Computers
ESET PROTECT On-Prem manages the environment structure of your computers and devices. The Computers table provides a detailed view of essential information about each machine, its status, the time of last communication, and the last event.
The view emphasizes severity and unresolved detections, enabling the security team to perform investigations focusing on computers with the highest detection rates, severities and frequencies. These computers may indicate an acute need for further investigation or false positives that you must resolve.
Preview panel
Click a computer name to display the preview panel on the right side. This panel contains important information about the selected computer. Some items are interactive.
Filtering, Tags and Table options
Use filters at the top of the screen to refine the displayed items. Tags are powerful when searching for a specific computer, detection, incident, executable or script. Click the gear icon for table options to manage the main table.
The Computer details window includes:
Click a computer to display comprehensive details. |
Allows advanced security professionals to remotely invoke PowerShell on an endpoint without breaking the end‐user's workflow (or alerting an attacker). PowerShell provides many options for detailed endpoint investigations and remediation without relying solely on ESET Inspect. |
Shows potential connectivity issues to the ESET Inspect Server. These alerts are in ESET PROTECT On-Prem. |
Provides the main Detections for a selected computer. Select a detection to display Detection details and view the changes, including displaying the name of the triggering Rule with a link, Rule category name, Event link, Occurred time and date, triggering process link, Command line and information about the associated user. |
Shows the same options as the main Executables tab, except the list contains executables triggered on a specific computer. |
Displays the same options as the main Scripts tab, except the list contains scripts triggered on a specific computer. |
Shows the list of all events that occurred on this computer. To view events in the Raw events, right-click the event name and click Show in Process's Raw Events. To display event details, select an event to open Process details. A low-level event is something a process does, including writing a file, performing a DNS lookup and creating a registry entry. ESET Inspect analyses low-level events to find suspicious activities and report detections. |
Click a computer to take further action:
Details |
Go to the Computer details tab. |
---|---|
Details (Protect) |
Go to the ESET PROTECT On-Prem Web Console. |
Detections |
Go to the Detections tab. |
Executables |
Go to the Executables tab. |
Scripts |
Go to the Scripts tab. |
Events |
Go to the Events tab. |
Scan |
Send the command to an Endpoint, starting an immediate computer scan (or use the Action button). |
Network Isolation |
Isolate the computer from the network (only connections between ESET Security products are available). You can also End isolation (available only for Windows endpoints; File Security from 7.2.12003.0). |
Connect via Terminal |
Go to the Terminal tab. |
Power |
Send a command to restart or shut down the computer. |
Log Out |
Log the current user out. |
Send wake-up call |
Send the Wake-Up command, forcing the computer to send all events since the last connection (or use the Action button). |
Generate SysInspector log |
Generate the SysInspector log, which you can review in the computer's details. |
Tags |
Assign tags to a computer from the existing list, or create new custom tags. |
Audit log |
Go to the Audit log tab. |
Filter |
Show quick filters on the column where you activated the context menu (Show only this, Hide this). |
Incident |
oCreate an incident report oAdd to a current incident oAdd to recent incident, which shows the last three incidents oSelect incident to add to |
Filter the computers by the following statutes:
Threat |
Threat severity detections are present. |
---|---|
Warning |
Warning severity detections are present. |
Information |
Informational severity detections are present. |
OK |
No detections are found, or all are resolved. |
Unmonitored |
ESET Inspect Connector is not installed on this computer. ESET Inspect On-Prem can identify this computer because it is in an ESET PROTECT On-Prem Active Directory. |