File Scan Search
To view all files and search files, go to FortiView > File Scan Search. You can apply search filters to drill down the information displayed. Filenames can also be searched based on name patterns, and a snapshot report can be created for all search results.
If the device is the primary node of a cluster, all jobs processed by the cluster are available to be searched. If the device is a worker node of a cluster, only jobs processed by this device are available to be searched.
The following options are available:
Refresh |
Click the Refresh icon to refresh the entries displayed after applying search filters. |
|
Search Field |
Enter the detection time frame and click to add additional search filters for Device, File MD5, Filename, File SHA1, File SHA256, Job ID, Malware, Rating, Service, Source, User, Device, Infected OS, Rated by, Submit User, Submit Filename, Suspicious Type, or Scan Unit. When the search criteria is a Filename, click the = sign to toggle between the exact and pattern search. |
|
Time Period |
Select a time period to apply to the search. |
|
Export to Report |
Select to open the Report Generator dialog box. Select to generate a PDF or CSV report. You can wait until the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page. |
|
Customize |
Click the Customize icon to customize the Job View settings page. For more information, see Job View Settings. |
|
Action |
|
|
|
View Details |
Click the View Details icon to view file information. The information displayed in the view details page is dependent on the file type and risk level. |
|
Archived File |
The icon displays that the file as an archived file. |
|
FortiGuard Advanced Static Scan |
The icon displays that the file is rated by user's overridden verdict or FortiGuard advanced static scan. |
|
File Inside Archive |
The icon displays that the file is a file extracted from an archive file. |
|
Rescan Job |
The icon displays that the job is Malicious from an AV Rescan or a rescan of the Malicious file. |
|
Video |
Click the Video button to play the video of the scan. Scan videos are available in On-Demand scans if the user has the privilege. |
|
Perform Rescan |
Click the icon to rescan the entry. In the Rescan Configuration dialog box, you can skip Static Scan, AV Scan, Cloud Query, and Sandboxing. Click OK to continue. This feature is only available for files with a Malicious rating and the suspicious jobs detected by Static Scan, AV Scan, Cloud Query and the yara engine. The rescan job is in File Input > File On-Demand. |
Pagination |
Use the pagination options to browse entries displayed. |
The following information is displayed:
Total Jobs |
The number of jobs displayed and the total number of jobs. |
The displayed columns are determined by settings defined in System > Job View Settings > File Detection Columns page. For more information, see Job View Settings.