• 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How do I read and filter events in Log Central?
#2
Hi and welcome!
Log Central is your single pane of glass for all GetOverX Shield events. To use it effectively:
  1. Open Log Central from the Tools section.
  2. Use the Module filter (if available) to focus on a single component at a time: Antivirus, Firewall, HIPS, Sandbox, EDR, etc.
  3. Adjust the time range to “Last hour”, “Today”, “Last 7 days”, depending on what you’re investigating.
  4. Look at key fields such as:
    • Module / Source (who generated the event)
    • Action (allowed, blocked, quarantined, killed, etc.)
    • Object (file, process, IP, domain)
    • Details / Reason (why the action was taken)
This is especially useful to:
  • Reconstruct what happened during a suspicious incident.
  • Verify that your protection modules are working as expected.
  • Identify repeated patterns (e.g., a specific process constantly blocked by HIPS).
  Reply


Messages In This Thread
RE: How do I read and filter events in Log Central? - by mrwebfeeder - 12-05-2025, 02:07 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)