20 Apr 2014 
Comodo Support Home |
Support Center » Knowledgebase » How to view files that were sand-boxed or blocked by defense+ and the requests have expired
 How to view files that were sand-boxed or blocked by defense+ and the requests have expired
Solution By default 'Sandbox' requests expire after 20 seconds. The 'Defense+' settings expire by default after 120 seconds. If after this time you need to check what files have been blocked or sand-boxed you have two options at your disposal:

1) To review the 'History' logs, by selecting 'History\Request history' from the CESM menu. That menu option will bring the 'Request history' tab where you can review all the past actions, notifications and requests made by the endpoints to the CESM Server. [fig 1]



2) The second way to review sand-boxed and blocked applications is to create a 'Discovery Data' log for the 'Defense+'. To do this follow the next few steps:

a) Create a new sequence by accessing the 'Sequence Manager' tab and selecting the 'Add...' button. Add the 'Discovery Data' action with 'CIS – Defense+ Log' as profile. You have the options to restrict the log to a time interval by selecting the appropriate options under 'Input parameters' [fig. 2]. Now, select 'Save, Create task, Close' to create a new task. Now send the task to the endpoint by selecting 'Save, Execute, Close'.



b) Open the 'Discovery Profiles' tab and select the 'CIS – Defense+ Log' profile from the list of profiles. Now select the most recent log for the PC in question and click on the '…' button in the 'Result' window to open the 'Defense+ Log' window. [fig. 3].



Once identified the applications you can either continue blocking/sandbox-ing them or add them as 'Trusted Applications'.



Article Details
Article ID: 1360
Created On: 09 Jun 2011 01:01 PM

 This answer was helpful  This answer was not helpful

 Back
 Login [Lost Password] 
Email:
Password:
Remember Me:
 
 Search
 Latest News  
 Article Options
Support Home | Comodo Home | Submit a Ticket | Knowledgebase | Troubleshooter | News | Downloads

by Kayako SupportSuite v3.70.02