File Scan Search
To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.
If the device is the Master node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a Slave node of a cluster, only jobs processed by this device are available to be searched.
The following options are available:
Refresh |
Click the Refresh icon to refresh the entries displayed after applying search filters. |
|
Search Field |
Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search. |
|
Time Period |
Select a time period to apply to the search. |
|
Export to Report |
Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page. |
|
Customize |
Click the Customize icon to customize the Job View settings page. Go to Job View Settings for more information. |
|
Action |
|
|
|
View Details |
Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level. |
|
Archived File |
The icon displays that the file as an archived file. |
|
FortiGuard Advanced Static Scan |
The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan. |
|
File Inside Archive |
The icon displays that the file is a file extracted from an archive file. |
|
Rescan Job |
The icon displays that the job is Malicious from an AV Rescan or a customized rescan job of the Malicious file. |
|
Video |
Click on the Video button to play the video of the scan job. Scan videos are available in On Demand scans if user has the privilege. |
|
Perform Rescan |
Click the icon to rescan the entry. In the Rescan Configuration dialog box you can select to skip Static Scan, AV Scan, Cloud Query, and Sandboxing. Click OK to continue. Click the close icon or select the Close button to close the dialog box. The rescan job can be found in File Input > File On-Demand page. |
Pagination |
Use the pagination options to browse entries displayed. |
The following information is displayed:
Total Jobs |
The number of jobs displayed and the total number of jobs. |
The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. Go to Job View Settings for more information.