ITarian Help

Find the desired product help

IT Endpoint Manager

IT Endpoint Manager

Comodo Client Security for Linux - User Guide

English

Print Help Download Help
More Options - Introduction > View Antivirus Events > Log Viewer Module > Antivirus Logs > Filter Antivirus Logs
  • Introduction To Comodo Client - Security For Linux
    • Special Features
    • System Requirements
    • Install Comodo Client - Security For Linux
    • Start CCS For Linux
    • Understand CCS Alerts
  • The Summary Screen
  • Antivirus Tasks - Introduction
    • Run A Scan
    • Update Virus Database
    • Scheduled Scans
    • Quarantined Items
    • Scan Profiles
    • Scanner Settings
      • Real Time Scan
      • Manual Scan
      • Scheduled Scan
      • Exclusions
  • More Options - Introduction
    • Preferences
      • Language Settings
      • Log Settings
      • Connection Settings
      • Update Settings
      • External Device Control Settings
    • Manage My Configurations
      • Comodo Preset Configuration
      • Import / Export And Manage Personal Configurations
    • Diagnostics
    • View Antivirus Events
      • Log Viewer Module
        • Antivirus Logs
          • Filter Antivirus Logs
        • Device Control Logs
          • Filter Device Control Logs
        • Alerts Displayed Logs
          • Filter Alerts Displayed Logs
        • Tasks Launched Logs
          • Filter Tasks Launched Logs
        • Configuration Change Logs
          • Filter Configuration Change Logs
    • Browse Support Forums
    • Help
    • About
  • Appendix 1 - CCS For Linux How To Tutorials
    • Scan Your Computer For Viruses
    • View Antivirus Events
    • Configure Database Updates
    • Quickly Set Up Security Levels
    • Change CCS Language Settings
    • Run An Instant Antivirus Scan On Selected Items
    • Create A Scheduled Scan
    • Restore Incorrectly Quarantined Item(s)
    • Switch Off Automatic Antivirus Updates
    • Control External Device Accessibility
  • About ITarian

Filter Antivirus Logs


You can create custom views of all logged events according to the following criteria:

  • Action - Filter events according to the response (action taken) by the antivirus
  • Location - Filter events by the path at which the malware was found
  • Malware Name - Display only those events that reference a specific piece of malware
  • Status - Filter events according to whether the attempted action was successful or not. Status options are 'Success' or 'Fail'

Configure Event Filters

  • Open Comodo Client Security
  • Click 'More' > 'View Antivirus Events'
  • Click the 'More' button to open the log viewer module
  • Select 'Antivirus Events' in the left-menu
  • Right-click inside the log viewer module and select 'Advanced Filter'
OR
  • Click 'View' on the menu bar and select 'Advanced Filter'
There are 4 types of filter. Each of these can be further refined by selecting or deselecting specific parameters.
  • Select a filter criteria and click 'Add'



 

1. Action: Filter logs by the response to the threat. You can then select a specific action. For example, only show events where the threat was quarantined.



  • Select 'Equal' or 'Not Equal' from the drop-down.
  • Equal – Show only events which feature the action you select. You can select multiple actions.
  • Not Equal - Inverts your choice. For example, select 'Not Equal' + 'Ignore' to view every event except those that were ignored.
  • Choose the events you want to view:
    • Quarantine: Events where the threat was placed in quarantine
    • Remove: Events where the user chose to delete a threat
    • Ignore: Events where the user allowed the threat to proceed
    • Detect: Events where a piece of malware was first identified
    • Ask: Events where the user was asked to provide a response to a discovered threat. Users are asked for their response at an alert, or the results screen at the end of a scan. The response from the user might be 'Quarantine', 'Remove', 'Ignore' or 'Restore'.
    • Restore: Events where the user removed the threat from quarantine and moved it back to its original location.

    2. Location: View logs that concern files at a specific path. You need to enter the path in the field provided:



    • Select 'Contains' or 'Does Not Contain' from the second drop-down:
    • Contains - Show only events which concern items at the location you specify. You can add multiple locations
    • Does Not Contain – Inverts your choice. Show all events except those at the location you specify

    3. Malware Name: Filter logs by the label of the malicious item. You need to enter the name of the malware in the field provided:



    • Select 'Contains' or 'Does Not Contain' from the second drop-down:
    • Contains – Show only events which concern the malware named in the text field. You can add multiple malware names.
    • Does Not Contain – Inverts your choice. Show all events except those that involve the malware you specify.

    4. Status: Filter logs by whether or not the action taken on the threat was successful. You can view only successful actions, or only failed actions.



     

    • Select 'Equal' or 'Not Equal' from the drop-down.
    • Equal – Show only events which feature the result you select.
    • Not Equal - Inverts your choice. For example, select 'Not Equal' + 'Success' to view every event except those that were successful.
    • Choose the outcomes you want to view:
    • Success: View events where the task in the 'Action' column was completed.
    • Failure: View events where the task in the 'Action' column was not completed.

    Comodo Help
    • IT Platform:
    • Help
    • Scripts
    • Wiki
    • Forum
    • Developer
    • RMM
    • Patch Management
    • Service Desk
    • ITSM
    • Managed Service Provider
    • Managed Detection and Response
    • Ticketing System
    • Helpdesk
    • ITIL

    Copyright 2025 Itarian