HIPS Logs
- Click 'Logs' in the CCS menu bar
- Select 'HIPS Events' from the drop-down at upper-left
Host intrusion prevention (HIPS) events are generated for various security reasons. These include changes in HIPS settings, when an application attempts to access restricted areas, or when an action contravenes your HIPS Rulesets.
- Date & Time - When the event occurred.
- Application - The name of the program or process that caused the event.
- Action - The activity of the application and how HIPS handled it.
- If the action was allowed to proceed then this column will show the result of that action.
- Click the 'Related Alert' link to see the notification that was shown at the time.
- This column will state 'Block File' if the action was not allowed.
- Target - Location of the file, COM interface or registry key accessed by the process.
- Alert - Click 'Related Alert' to view the notification generated by the event.
Note:
Alerts are only shown if 'Do not pop-up alerts' is disabled in 'Settings' > 'HIPS Configuration > 'HIPS Settings'. |
- Export - Save the logs as a HTML file. You can also right-click inside the log viewer and choose 'Export'.
- Open log file - Browse to and view a saved log file.
- Cleanup log file - Delete the selected event log.
- Refresh - Reload the current list and show the latest logs.
Click any column header to sort the entries in ascending descending order