Automation log
The Automation Log records each enforcement action generated by FortiNDR.
The Violations column shows the total number of malware detections and NDR anomalies found on the target device. Double-click a log entry to see more details about the violation, such as the malicious files that caused it. The number of violations is calculated within the digest cycle of 1 minute.
The Enforcement Profile column indicates which profile's enforcement settings applied at the time the event was triggered.
Violation details
Automation Status and Post action
The following table summarizes each Status and its relationship with the Post Action. You can execute a post action by selecting an entry and clicking an action button above the table.
Status | Description | Possible Post Action |
---|---|---|
Active | When an enforcement action fails, the system retries five times. If the action succeeds, the Status changes to Executed. If the action fails, the Status changes back to Active. | None |
Executed | The enforcement action succeeded. | Undo Action |
Failed | The action exceeded the retry limit of five times. | Manual Execution |
Duplicated | Another executed entry has been detected with the same automation profile, target IP and target MAC address. | None |
Undo Success | An enforcement action that succeeded was undone. | None |
Omitted | The action was prohibited from execution by a restriction, for example, allow-listed. | Manual Execution |