Detailed Agent Information

Check the IP address, user information, OS information and virtual environment of individual agent. Also, check the information on malicious files and suspicious behaviors detected in the agent, and execute Network Block, Collect AhnReport and Collect Artifact commands.

From Agent Details, you can:

• Check detected malicious file information
• Check detected suspicious behavior information
• Check agent information

Note

Select the period - Last 24 hours, Last 48 hours, Last 7 days, Last 14 days or Last 30 days or click User-defined to specify a period.

Check Agent Details

Check the information on malicious files and suspicious behaviors detected in agents, and execute Network Block, Collect AhnReport and Collect Artifact commands. And, specify the period to display Detected Malicious Files and Detected Suspicious Behaviors. To check the agent details:

1. On the top of the web page, click Detection.
2. From the menu, select Detection > Agent.
3. Specify the period to search for an agent or search for a specific agent using the agent ID and malware name. Select or click an agent to check the details.

• Send Management Command: Click Send Management Command to block the network or collect information from the infected agent.
• Block Network: Block network of infected agent.
• Collect AhnReport: Collect AhnReport from infected agent.
• Collect Artifact: Collect Artifact from infected agent.
• Agent Information: The IP address, user information, OS information and virtual environment of the agent.
• Detected Malicious Files: The information on detected malicious files.
• Detected Suspicious Behaviors: The information on detected suspicious behaviors.

Detected Malicious Files

Check the details on detected malicious files.

• File Name: The detected file name.
• Hash Value: The hash value of the detected file.
• Name: The malware name.
• Detection Time: The infection time.

Detected Suspicious Behaviors

Check the details on detected suspicious behaviors.

• Type: The type of suspicious behavior - file, network, process, registry and system.
• Behavior: The suspicious behavior information. e.g.) create malicious process or create specific data in registry
• Time: The time the behavior was run.

Agent Information

Check the IP address, user information, OS information and virtual environment of individual agent, and also the information on malicious files and suspicious behaviors detected in the agent.

Agent

Check the details on agents.

• Agent ID: The agent's ID.
• Computer Name: The computer name set in Windows System Information.
• Agent IP Address: The agent's IP address. If there are two agent IP addresses, only the one connected will be shown.
• Windows Task Group: The task group set in Windows System Information.
• Last Connection Time: The time the agent last connected to the server.
• Last Logged in User: The currently logged in user.
• Agent Version: The agent version.
• Agent Installation Date: The date the agent was installed.

User

Check the details on the user of agent computer.

• User Name: The user name.
• Department: The user's department.
• Phone No.: The user's phone number.
• Email Address: The user's email address.
• Employee No.: The user's employee number.
• Modification by Admin: The admin modification status of user information - Modified or Not Modified.

OS Information

Check the details on the OS of agent computer.

• Name: The OS name. e.g.) Microsoft Windows 7 Enterprise K
• Type: The type of OS - the OS system type and service pack type. e.g.) Microsoft Windows 7 Enterprise K Service Pack 1 64-bit
• Platform: The OS platform. e.g.) Windows NT
• Platform ID: The OS ID, which can be found in the Control Panel.

Note

To check the Platform ID for Windows 7, go to Control Panel > System and Security > System.

• Version: The OS version. To check the OS version for Windows 7, click Start and Run and type winver. e.g.) 6.1
• Installation Date: The date the OS was installed.

Virtual Environment

Check the virtual environment on which the agent is installed.

• Virtual Environment: The environment on which the agent is installed. Enabled if installed on a virtual environment, and Disabled if not installed on a virtual environment.
• Host OS ID: The Host OS identifier collected from the virtual system management server. The data format is different according to virtual system.